01 Mar Facebook Flaw Exposes Email, Details of Page Admins
A security researcher named Mohamed Baset recently discovered a Facebook vulnerability which exposes the email and other details of a page administrator within the HTML code.
According to Baset’s blog post, the “logical error” was found after he received an email notification from Facebook asking him to like a page after he liked a post on it. Upon viewing the original version of the email and further analyzing the source code, Baset saw the name, email, and other details plainly included in the code.
Baset was awarded $2,500 by Facebook for the discovery through the company’s bug bounty program.
Source: Security Affairs