Lucene search
K

4 matches found

Hacker One
Hacker One
added 2020/06/18 1:31 p.m.15 views

Rockstar Games: SocialClub Account Take Over Through Import Friends feature

In this report, the researcher identified a vulnerability in a Social Club feature intended to allow users to import their friends list from Facebook and other social media sites. However, if a targeted victim were to visit a crafted site containing a specific malicious script that exploited this...

1.9AI score
Exploits0
Hacker One
Hacker One
added 2018/01/26 11:36 a.m.31 views

Rockstar Games: Stored XSS in Snapmatic + R★Editor comments

Summary provided by the Researcher, @europa . I requested the disclosure of what I hope is the final report regarding stored cross-site-scripting vulnerabilities on the Rockstar Games SocialClub, to also allow me to summarize the research that went into the other 5 reports. Have fun! Report 1 The...

6.7AI score
Exploits0
Hacker One
Hacker One
added 2017/07/24 9:46 p.m.50 views

Rockstar Games: CSRF Vulnerability allows attackers to steal SocialClub private token.

The researcher was able to combine a Flash exploit with a CSRF vulnerability in order to obtain sensitive user tokens from https://socialclub.rockstargames.com/profileedit/GetTokens. This page is ordinarily only called in a secure fashion such that an attacker is unable to see another user's...

0.4AI score
Exploits0
Hacker One
Hacker One
added 2017/02/07 5:36 p.m.47 views

Rockstar Games: <- Critical IDOR vulnerability in socialclub allow to insert and delete comments as another user and it discloses sensitive information ->

In this report, the researcher found an insecure direct object reference that allowed a malicious user to impersonate another user in the comment section under Newswire articles. This meant that an attacker could leave abusive comments that appeared to have been made by another user, or delete a...

3.1AI score
Exploits0
Rows per page
Query Builder