The bug that was discovered by an independent hacker, Sachin Thakuri says that it is not a technical flaw. However, this flaw is enough to fool people into believing some fake news. So, how did he fake this Facebook post? Here’s the original URL of Mark Zuckerberg’s original life event.
If you see the URL carefully and remove the ustart=1 parameter, the work status of ustart=1 parameter. Take a look at the changed and misguiding Facebook post without ustart=1 parameter:
When you click on the above manipulated URL displays, the same life event page of Mark Zuckerberg but with the text: Left Job at Facebook instead displaying Started Working at Facebook. Sachin writes “…although on a client side the post is coming from a valid user and there is no way to figure out that the post has been manipulated and has not been posted by a user.” Even though this is not a security bug or serious privacy, but it could be used maliciously by some people in order to fool victims into believing that someone has quit his or her job. Thakuri has reported the bug to the Facebook security team, but they have not fixed this yet. One hopes that Facebook understands the gravity of the issue and patches this flaw as early as possible