And in all likelihood, someone else monitored the incoming reports, recognized that this was a high-priority issue, and fast-tracked it to the developer. On top of that, I don't know Facebook's process that well, but releasing something that quickly probably involved some coordination to get it out so fast. Maybe someone else verified it, maybe someone fast-tracked it through the approval / launch process, etc.
Even things like bugfixes are rarely entirely creditable to only developers.
Judging by the name of the endpoint, it probably wasn't a super-complicated fix anyway - just disable / blacklist the endpoint that was obviously a mistake / test.
Even things like bugfixes are rarely entirely creditable to only developers.
Judging by the name of the endpoint, it probably wasn't a super-complicated fix anyway - just disable / blacklist the endpoint that was obviously a mistake / test.