Rockstar Games: Reflected XSS via Double Encoding

2017-07-06T15:33:56
ID H1:246505
Type hackerone
Reporter awolsec
Modified 2017-09-01T15:40:02

Description

The researcher found a Reflected XSS vulnerability in the search query on support.rockstargames.com. This exploit worked by using double-encoding to bypass our filters. With the researcher's help we were able to resolve this vulnerability.