Hello community! my name is Yusuf Aydın
I found a vulnerability on 1 july 2019
I tried this steps:
- Create an event from a page [facebook android Mobile app]
- Add another account (be sure he/she is not admin of the page) as a co-host in the event.
3. Open another account and click the notification about the co-host.
4.You will see the name of the admin that has added you as a co-host like this
5.two notifications come at the same time and explain the admin of this page.
jul. 1, 2019 — Report sent
jul. 4, 2019 — Report Triaged
jul. 8, 2019 — Issue Fixed
jul. 11, 2019— Bounty of $500 Awarded
Follow me on Twitter: https://twitter.com/h1_yusuf