Vulnerability Type
Privacy / Authentication
Vulnerability Scope
Main Site (www.facebook.com)
Title
Bypass Admin Roles
Product / URL
Facebook pages
Description and Impact
Edit any facebook page to be community page for the attacker page
                                    Exploit Coded Into Chrome Extension by khalil shreateh
 
A Loophole in one of facebook pages functions allowed me to bypass admin roles and edit any facebook page, and the result was : 

 
As the picture above shows, editing any facebook page to be a community page for my official facebook page . 
 
 
                                                 Facebook security reply after POC
 
Description and Impact
Attacker can change facebook pages such as celebrities, politics, companies pages and use that edit for his own, even to post a message by creating a fake page and lead the victim pages fans to his page . 
 
Reading this picture will make it more clear for you about hwo much this exploit is dangerous:
 
I recorded this video explaining the damage that can occured for this vulnerability and how it works :

https://www.youtube.com/watch?v=mNEY4p7XkXc

 
This vulnerability patched and doesnt work any more .
Feel free to leave your comment .