Facebook has fixed a critical flaw in a user feedback feature that allowed any user to access private photos posted in other users accounts. Before it was fixed, the flaw was used to hack the account of Facebook CEO Mark Zuckerberg and post photos online. The social network responded quickly after a post in a discussion forum on bodybuilding.com detailed a method for using a feature to report suspicious content to bypass privacy protections on other Facebook users accounts. The company issued a statement Tuesday afternoon saying the bug was created in a recent code push
Source: https://threatpost.com/facebook-fixes-complaint-feature-abused-bypass-photo-privacy-zuckerberg-among-victims-120611/75966/