The vulnerability is something new in hacking techniques, i called it Remote Code Crush (RCC) .
Vulnerability Name: Facebook Remote Code Crush
Coded By : Khalil Shreateh
What is RCC Vulnerability ?
This type of vulnerabilities are different that Remote Code Execution (RCE) [The ability an attacker has to access someone else's computing device and make changes, no matter where the device is geographically located]. While RCC can change part of web application codes.
Exploit
First i created a new post, then i tagged users on that post, after that i send a custom Payload to crush the tagged post . the tagged users (victims) will have no control on that post, they can not untag themselves, report it or even stop its notifications, because i crushed the post menu.
RCC Screenshot: Menu crushed, replaced with "There was an error processing your request."
Bounty : 500$