Logic Flaw in Meta Account Center: The Case of the Silent Patched Disavow Flow

evangeliux.medium.com · Evangeliux · 12 hours ago · vulnerability
AI Summary

A logic flaw was discovered in Meta's Account Center 'This wasn't me' disavow flow that could potentially be exploited for unauthorized account access or control. Meta later patched it.

Entities
Meta Account Center

Introduction

While conducting security research on Meta’s Account Center, I identified a significant logic flaw in the “This wasn’t me”…