A Facebook security flaw – or, perhaps, a misunderstanding – lets Page admins boot the creator of the original Page from admin status, effectively hijacking the Page, Naked Security reports.
One could argue that this is working as intended: if the creator of a Facebook Page lets someone else in as admin, they have the same administrative rights as them, right? Wrong. Facebook’s FAQ clearly states that “the original creator of the Page may never be removed by other Page admins.”
Unfortunately, as visible in the video embedded below, a newly appointed page admin can remove the Page creator’s admin status, which can be very nasty in certain cases. Today, Facebook Pages are more than fun, they’re a serious part of business promotion and losing administrative access to a Page can lead to host of problems.
Is it a security flaw or simply an error in Facebook’s FAQ? According to the Register, it’s the latter. Ultimately, it doesn’t matter: either way it will confuse users and cause problems, since the FAQ says one thing and the reality is very different.
We’ve asked Facebook for comment but haven’t yet heard from them.
Have you ever had a Facebook Page hijacked by another admin? Please, share your experiences in the comments.
As seen on Mashable.com