So last night I received an email invite from some random person on Facebook who I don’t know. These are the sort of emails which I usually receive but hardly pay any heed till this one happened:
Step 1: Received an email on account of some other person – thanks to error correction feature in Gmail.
Step 2: Clicked on the email link provided by Facebook and it opened a user’s FB page which was an unauthorized access for me.
I haven’t reproducing this vulnerability by creating a test facebook profile with a erroneous email address but