Student discovers Facebook site flaw
The New Year’s Midnight Delivery feature was set up on Facebook Stories to enable users to write messages to friends to be automatically sent after midnight.
Aberystwyth University student Jack Jenkins discovered that by tweaking the Url after sending a message, he could read and even delete other users’ messages.
Advertisement
Hide AdAdvertisement
Hide AdHe blogged about the error, writing: “I just wanted to share this. I don’t know how a site like Facebook can continue to take these kinds of risks. PLEASE Don’t go deleting random messages, but try and delete one of mine that I set up especially if you want.”
Facebook promptly disabled the feature upon discovering the issue. A spokesman for Facebook confirmed that the site is back up and running again, and that it had been taken offline for a time while they dealt with the issue.
Facebook Stories is a separate site from the main Facebook site.