The Flaw in Facebook can cause your photos to be deleted by Anyone

Pouya Darabi - an Iranian programmer has just discovered a new flaw on Facebook that allows anyone to delete your photos.

   The new vulnerability resides in Facebook is new Poll feature, launched by the social media giant earlier this month, for posting polls that include images and GIF animations.

   According to Pouya Darabi, when creating a poll anyone can easily replace the image ID or gif URL in the request sent to the Facebook server with the image ID of any photo on the social media network.

poll_question_data[options][][associated_image_id] contains the uploaded image id.

   When this field value changes to any other images ID, that image will be shown in poll. After sending request with another user image ID, a poll containing that image would be created.

   If the person who created the poll detects that bet, the victim's picture will also be deleted.

   Pouya Darani received $ 10,000 in bonuses from Facebook after reporting the vulnerability. Facebook patched the vulnerability in May 2017.

How to Delete any photos on Facebook? See details in the video below: 

From Pouya Darabi
Previous Post Next Post