.png)
20 hours ago
5 BOOK THIS SPACE FOR AD
ARTICLE ADIn this write-up, I have shared the story of a simple Facebook bug where the Activity Log and Hacked Flow features weren’t working as intended.
✨ Non-members can read this write-up for free using this link.
Hi everyone, it’s Shubham Bhamare again with a new bug bounty write-up. Today, I’m going to share the story of how I turned an “Informative” bug into a valid $500 bug. This was one of the most interesting findings of my life and a very simple one as well. The target platform was, of course, Facebook. 😅
The best part? This bug was found just by observation, like many of my previous findings.
So, without further ado, let’s get started! 👉
Description:
Let me give you a brief description of this bug. Facebook has two security features: Activity Log and Hacked Flow.
The Activity Log allows users to view their recent comments, likes, and other activities on Facebook.The Hacked Flow is designed to help users undo suspicious activities if they believe their account has been compromised.
![Tips to find Stored XSS [Bug_Bounty_Tips]](https://miro.medium.com/v2/resize:fit:276/1*iepgfuk7IPeIVDwcfuYieQ.png)
Bengali (Bangladesh) · 
English (United States) ·