Just because this isn't the typical mass vulnerability SQL injection or XSS attack on a major framework doesn't mean it's basically worthless ($15k or less).
The amount of damage that could be done to Facebook's reputation is enormous, not to mention the value of the information that could be stolen.
The first example that comes to mind, "an organised trade in confidential personal information"
https://en.wikipedia.org/wiki/News_International_phone_hacki...
Just because this isn't the typical mass vulnerability SQL injection or XSS attack on a major framework doesn't mean it's basically worthless ($15k or less).
The amount of damage that could be done to Facebook's reputation is enormous, not to mention the value of the information that could be stolen.