Rockstar Games - HackerOne Reports
Total Reports: 104
Critical: 3
High: 18
Medium: 59
Low: 24
Control Character Injection In Messages
Reported by: exception | Disclosed: | Severity: Low
Weakness: Improper Authentication - Generic
Bounty: $350.00
Exposed CDN access token allows modification of all newly uploaded Snapmatic photos
Reported by: bugstar | Disclosed: | Severity: Medium
Weakness: Improper Access Control - Generic
csrf in https://www.rockstargames.com/reddeadonline/feedback/submit.json
Reported by: netfuzzer | Disclosed: | Severity: Low
Weakness: Cross-Site Request Forgery (CSRF)
Image Injection on www.rockstargames.com/screenshot-viewer/responsive/image may allow facebook oauth token theft.
Reported by: netfuzzer | Disclosed: | Severity: Medium
Weakness: Information Disclosure
CSRF Vulnerability on post creation page /community/create-post.json
Reported by: netfuzzer | Disclosed: | Severity: Low
Weakness: Cross-Site Request Forgery (CSRF)
Leak IP internal
Reported by: h1danilabs | Disclosed: | Severity: Low
Weakness: Information Disclosure
Image injection on /screenshot-viewer/responsive/image ( FIX BYPASS)
Reported by: netfuzzer | Disclosed: | Severity: Medium
Weakness: Information Disclosure
Dom based xss on https://www.rockstargames.com/ via `returnUrl` parameter
Reported by: netfuzzer | Disclosed: | Severity: Medium
Weakness: Cross-site Scripting (XSS) - DOM
Stored XSS with CRLF injection via post message to user feed
Reported by: fa1rlight | Disclosed: | Severity: Medium
Weakness: Cross-site Scripting (XSS) - Stored
Uninstalling Rockstar Games Launcher for Windows (64-bit), then reinstalling keeps you logged in without authentication
Reported by: toxiqcitee | Disclosed: | Severity: Low
Weakness: Privacy Violation
Bounty: $250.00
Brute Force against VMware Horizon
Reported by: ivanglinkin | Disclosed: | Severity: Low
Weakness: Improper Restriction of Authentication Attempts
Bounty: $250.00
Password and mail address stored unencrypted in memory - Rockstar Game Launcher
Reported by: mbit | Disclosed: | Severity: Medium
Weakness: Missing Encryption of Sensitive Data
Bounty: $750.00
Bypass CAPTCHA protection
Reported by: exception | Disclosed: | Severity: Medium
Weakness: Improper Authentication - Generic
Bounty: $500.00
SSLv3 POODLE Vulnerability
Reported by: rmtyronerf | Disclosed: | Severity: Low
Weakness: Violation of Secure Design Principles
full path disclosure on www.rockstargames.com via apache filename brute forcing
Reported by: geeknik | Disclosed: | Severity: Low
Weakness: Information Disclosure
Unserialize leading to arbitrary PHP function invoke
Reported by: someguyfromthepast | Disclosed: | Severity: Critical
Weakness: Code Injection
Source Code Disclosure (CGI)
Reported by: cyberunit | Disclosed: | Severity: Medium
Weakness: Information Disclosure
Bounty: $150.00
stored XSS (angular injection) in support.rockstargames.com using zendesk register form via name parameter
Reported by: coldd | Disclosed: | Severity: High
Weakness: Cross-site Scripting (XSS) - Stored
Bounty: $1000.00
Open Redirection effects autodiscover.rockstargames.com
Reported by: osama-hamad | Disclosed: | Severity: Low
use of unsafe host header leads to open redirect
Reported by: exception | Disclosed: | Severity: Low
Weakness: Violation of Secure Design Principles
Bounty: $300.00