Handy FB Scripts

Free FB Extensions

Social Applications
Free Social Applications
Neww
Social Media Scripts

G+,LinkedIn & Other

 

 

Vulnerability Type
Privacy / Authentication
 
Vulnerability Scope
Main Site (www.facebook.com)
 
 
Title
Friends and Friends of Friends Tag Exploit
 
 
Description and Impact
 
users can tag friends (tested) and friends of friends (will be test later) in a post that friends cant remove the tag (untag) themself
 
 
 
Reproduction Instructions / Proof of Concept
To exploit this follow :
1 - create a new post with link preview and any text example: facebook security page https://www.facebook.com/security
 
2- Tag your friend(s) from the tag box beside feeling and place button .
 
3- click post .
 
now your friend will not be able to untag themself from your post .
 
POC VIDEO :

 

Tags: facebook, vulnerabilities, exploits

Print Email

Copyright © 2016 Twitter/shreateh