Rockstar Games - HackerOne Reports
Total Reports: 104
Critical: 3
High: 18
Medium: 59
Low: 24
Control Character Injection In Messages
Reported by: exception | Disclosed:
Severity: Low
Weakness: Improper Authentication - Generic
Bounty: $350.00
Exposed CDN access token allows modification of all newly uploaded Snapmatic photos
Reported by: bugstar | Disclosed:
Severity: Medium
Weakness: Improper Access Control - Generic
Image Injection on www.rockstargames.com/screenshot-viewer/responsive/image may allow facebook oauth token theft.
Reported by: netfuzzer | Disclosed:
Severity: Medium
Weakness: Information Disclosure
csrf in https://www.rockstargames.com/reddeadonline/feedback/submit.json
Reported by: netfuzzer | Disclosed:
Severity: Low
Weakness: Cross-Site Request Forgery (CSRF)
CSRF Vulnerability on post creation page /community/create-post.json
Reported by: netfuzzer | Disclosed:
Severity: Low
Weakness: Cross-Site Request Forgery (CSRF)
Leak IP internal
Reported by: h1danilabs | Disclosed:
Severity: Low
Weakness: Information Disclosure
Image injection on /screenshot-viewer/responsive/image ( FIX BYPASS)
Reported by: netfuzzer | Disclosed:
Severity: Medium
Weakness: Information Disclosure
Dom based xss on https://www.rockstargames.com/ via `returnUrl` parameter
Reported by: netfuzzer | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - DOM
Stored XSS with CRLF injection via post message to user feed
Reported by: fa1rlight | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Stored
Uninstalling Rockstar Games Launcher for Windows (64-bit), then reinstalling keeps you logged in without authentication
Reported by: toxiqcitee | Disclosed:
Severity: Low
Weakness: Privacy Violation
Bounty: $250.00
Brute Force against VMware Horizon
Reported by: ivanglinkin | Disclosed:
Severity: Low
Weakness: Improper Restriction of Authentication Attempts
Bounty: $250.00
Warehouse dom based xss may lead to Social Club Account Taker Over.
Reported by: netfuzzer | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - DOM
Password and mail address stored unencrypted in memory - Rockstar Game Launcher
Reported by: mbit | Disclosed:
Severity: Medium
Weakness: Missing Encryption of Sensitive Data
Bounty: $750.00
Bypass CAPTCHA protection
Reported by: exception | Disclosed:
Severity: Medium
Weakness: Improper Authentication - Generic
Bounty: $500.00
SSLv3 POODLE Vulnerability
Reported by: rmtyronerf | Disclosed:
Severity: Low
Weakness: Violation of Secure Design Principles
XSS in http://www.rockstargames.com/theballadofgaytony/js/jquery.base.js
Reported by: netfuzzer | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Reflected
Open redirect on https://signin.rockstargames.com/connect/authorize/rsg
Reported by: bugstar | Disclosed:
Severity: Low
Weakness: Open Redirect
insecure redirect in https://www.rockstargames.com
Reported by: netfuzzer | Disclosed:
Severity: Low
Weakness: Violation of Secure Design Principles
Reflected XSS in /Videos/ via calling a callback http://www.rockstargames.com/videos/#/?lb=
Reported by: nahamsec | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Generic
use of unsafe host header leads to open redirect
Reported by: exception | Disclosed:
Severity: Low
Weakness: Violation of Secure Design Principles
Bounty: $300.00