Facebook has fixed a bug that inadvertently revealed users’ personal photos. The bug was discovered after people used it to post personal pictures of Facebook CEO Mark Zuckerberg.

The flaw, as first reported by ZDNet, was originally found by members of a body-building forum. The bug took advantage of the network’s mechanism to report inappropriate images. When Facebook users clicked on the “Report” menu to flag an image as pornography or nudity, they were then shown other photos from that reported users’ account -- some of which were private -- to determine if they were also inappropriate.

In a statement, Facebook said that the bug was the result of a recent code push that allowed users to see the private photos, and that the code was only available for a limited time. The company said that it has taken the option offline and will only return it confirms that similar incidents won’t happen again.

It’s a black eye for the company, which has been making a renewed push to convince users that their Facebook information is secure and under their own control.

Following the announcement of a Federal Trade Commission settlement over privacy, Zuckerberg said that he is “the first to admit that we’ve made a bunch of mistakes” regarding privacy, naming the Beacon advertising issue and “poor execution” in transitioning to its new privacy model. Zuckerberg said that he wants to make Facebook a “leader in transparency and control around privacy.”

(Post Co. Chairman and Chief Executive Donald E. Graham sits on Facebook’s board of directors.)

Related stories:

Facebook releases top topics of 2011

Facebook’s most shared of 2011: Which Washington Post articles made the list?

Facebook settles privacy complaint, agrees to ask permission for privacy changes