Rockstar Games: CSRF Vulnerability on

ID H1:474833
Type hackerone
Reporter netfuzzer
Modified 2020-06-12T14:01:11


In this report, the researcher identified a Cross-Site Request Forgery vulnerability that could have allowed attackers to link a Facebook account to another user's Social Club account, and thus gain the ability to log in as the victim. We implemented an anti-CSRF token as part of the account-linking process in order to prevent this behavior and ensure it can no longer be exploited.