Facebook app was one of the most famous apps used by millions of people all over the world. There are various types of vulnerabilities had occurred and solved. Now the security researcher from Egypt Mohamed Ramadan with Attack Secure has pinned two types of security vulnerabilities in Facebook messenger app which can allow the hackers to use the token generated and get access to the account.
Just the messenger app that installed on your android device is enough to steal the tokens which give the attacker to get access the Facebook account which also explores the security vulnerability. The other exploit was on the Facebook Manager page and he explains how the access works on this.
He was also rewarded $6000 as a Bug Bounty from Facebook.