Back to directory
WRITEUP #3730

Third-Party Apps were still getting your private Facebook data even after their access expiry.

Logic BugLogic flaw
by@samiparyal_(Samip Aryal)
Bounty
1,000
Program
Meta / Facebook
Published
May 20, 2021
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://infosecwriteups.com/third-party-apps-were-still-getting-your-private-facebook-data-even-after-their-access-expiry-6e4be4880e6e
RELATED WRITEUPS
Logic Flaw: I Can Block You from Accessing Your Own Account
Logic BugLogic flaw
“Like” Bypass on Customer Reviews — €500 bounty
Logic BugLogic flaw
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP
Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat