Facebook have denied One more researcher to pay bounty for finding critical exploit on Facebook.
The New exploit with which attacker could delete any Facebook profile or page including verified celebrities page, was found few days back by one of the security researcher.
Ehraz Ahmad, security researcher claims reported the bug to Facebook security team, which can be used to delete any Facebook Account.
Facebook refused the Researcher to pay bounty, by stating the reason, that the vulnerability only works for test Account, but he said the vulnerability was tested by him on one some real accounts and he was successful to delete those. soon Facebook fixed the Vulnerability, and no Bounty was provided to researcher.
Video, showing how the exploit worked:
Few days back Facebook refused to pay bounty to bounty to a critical vulnerability found by ‘security researcher, khalil’.
Ehraz said, with this Vulnerability he was able to delete any profile Including Facebook CEO, Mark Zuckerberg.
If Facebook continues, with there stupid terms and conditions with researchers, sooner or later Researchers will loose their interest to report the vulnerability. and they may start selling those to black market and make huge amount of money with it.