Mar 16, 2021

Summary

Hello Everyone,This is my fourth valid bug that i have found on Facebook.This bug is about the voice confusion when commenting on watch party using iOS device.

Reproduction Steps

1.Page A is Hosting Watch Party.
2.User B visits Page A and Switch the voice as Page B(acting as Page B).
3.User B as Page B opens watch party hosted by Page A.
4.User B as Page B makes the comment but surprisingly comment is attributed as User B instead of Page B.

Then i quickly report this issue to Facebook Security Team.
Once i reported this issue they were able to validate this issue and finally rewarded me with bounty

Message From Facebook Security Team

Timeline of Report

October 22, 2020:Initial Report Sent

January 21, 2021:Triaged(after several discussion)

January 28, 2021:Fixed

February 1, 2021:Bounty Awarded($1000)

Thank you for taking the time to read my article. Have a great day!
You can follow me on Facebook, Twitter
and Linkedln
if you would like to stay connected with me.


Tags: bugbountytips bugbounty facebookbug facebookbugbounty facebook infosec cybersecurity bughunting

Contact Me

Feel free to contact me

Any message you want to leave?

Address
Chitwan,Nepal
Phone
+9779845953745