View Friends List of any users using “View as” | Facebook Bug bounty

Hello guys,

to today i want to share how i find my 1st bug bounty of this year (2022) with Facebook BBP.

so let’s start… on Feb 28, 2022 facebook takedown my main account on facebook due to violations, so on that day i also create new account then after 2 weeks when im changing the privacy of my facebook account after i set all to “only me” then i decided to view my account using “view as” then when i click na the friends tab my facebook friends appear on in the list which is should not happened.

Then i try to view my profile with another account if its already set then after i checked it’s all normal i can’t see my friend list’s using another account.

After that i tried to view my profile on the browser then when i goto my profile using “view as” i tried to replace my username on url bar to another username then i see their friend list

so i reported it on faceboook.

Timeline Review
Mar 13, 2022 (Initial report)
Mar 14, 2022 (Triaged)
Mar 18, 2022 (Fixed)
Apr 02, 2022 (Bounty awarded)