WhatsApp XSS vulnerability can be misused for Spreading Malware
[ According to FACEBOOK, This XSS could take advantage of the known domain to make phishing attacks easier or can be misused for Spreading Malware ]
Reward For Whatsapp XSS Vulnerability : 1000$
Poc url :
but you can think a little different
How this can be used to trick users to download a fake application (Malware - WhatsApp.apk) from other domain and easily can spreading malware..