Rockstar Games: csrf in https://www.rockstargames.com/reddeadonline/feedback/submit.json

In this report, the researcher discovered an endpoint that lacked CSRF protection and demonstrated a way to exploit it via a remote webserver. Typically CSRF-related reports are not eligible for bounty, but the impact of this exploit was high enough to warrant a reward. This was only exploitable ...