Confirm an email address belonging to a specific user
Privacy is important, and after reading this vulnerability, you will know that Facebook gives privacy a great priority
One link enables me to exploit this vulnerability and got $ 5k. alhamdulilah
Too many emails received from facebook contain link to unsubscribe from notifications :
I look at html form i see e parameter i add it to the previous link, i notice if email is belonging given user in u parameter the response was normal (including secondary emails ), but if i enter the wrong email i get <this page isn’t available > as response
Then I reported the vulnerability,
I received a bounty of 5000$
Thanks facebook security team .