Rockstar Games - HackerOne Reports
Total Reports: 104 | Critical: 3 | High: 18 | Medium: 59 | Low: 24
DOM XSS on https://www.rockstargames.com/GTAOnline/feedback
Reported by: netfuzzer | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - DOM
Comments Denial of Service in socialclub.rockstargames.com
Reported by: ramsexy | Disclosed:
Severity: Medium
Weakness: Code Injection
CSRF Vulnerability on Facebook Linkage Page Allows Full Account takeover of Socialclub Accounts.
Reported by: netfuzzer | Disclosed:
Severity: High
Weakness: Cross-Site Request Forgery (CSRF)
Image Injection Vulnerability on /bully/screens
Reported by: netfuzzer | Disclosed:
Severity: Medium
Weakness: Information Disclosure
xss on https://www.rockstargames.com/GTAOnline/jp/screens/
Reported by: netfuzzer | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Generic
flash injection in http://www.rockstargames.com/IV/imgPlayer/imageEmbed.swf
Reported by: netfuzzer | Disclosed:
Severity: Medium
Weakness: Resource Injection
Profile bio at rockstar is accepting control characters
Reported by: exception | Disclosed:
Severity: Low
Weakness: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
Bounty: $350.00
Image injection /br/games/info may lead to phishing attacks or FB OAuth theft.
Reported by: netfuzzer | Disclosed:
Severity: Medium
Weakness: Information Disclosure
Stored XSS on profile page via Steam display name
Reported by: alexbirsan | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - Stored
Bounty: $1250.00
Facebook OAuth Code Theft through referer leakage on support.rockstargames.com
Reported by: netfuzzer | Disclosed:
Severity: Medium
Weakness: Cross-Site Request Forgery (CSRF)
full path disclosure on www.rockstargames.com via apache filename brute forcing
Reported by: geeknik | Disclosed:
Severity: Low
Weakness: Information Disclosure
Unserialize leading to arbitrary PHP function invoke
Reported by: someguyfromthepast | Disclosed:
Severity: Critical
Weakness: Code Injection
DOM based XSS on /GTAOnline/de/news/article via "returnUrl" parameter
Reported by: netfuzzer | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - DOM
Open redirect vulnerability
Reported by: jtjisgod | Disclosed:
Severity: Low
Weakness: Open Redirect
Bounty: $250.00
Minor Account Privacy can Set to Everyone.
Reported by: gevakun | Disclosed:
Severity: Low
Weakness: Insecure Direct Object Reference (IDOR)
CSRF Vulnerability allows attackers to steal SocialClub private token.
Reported by: netfuzzer | Disclosed:
Severity: High
Weakness: Cross-Site Request Forgery (CSRF)
Stored XSS in snapmatic comments
Reported by: alexbirsan | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Stored
Bounty: $1000.00
Reflected XSS in reddeadredemption Site located at www.rockstargames.com/reddeadredemption
Reported by: nahamsec | Disclosed:
Severity: Medium
Weakness: Cross-site Scripting (XSS) - Generic
Social Club Account Takeover Via RGL And Steam/Epic Linked Account
Reported by: hacktus | Disclosed:
Severity: High
Weakness: Privilege Escalation
Bounty: $1000.00
Stored XSS on member post feed
Reported by: 0x0luke | Disclosed:
Severity: High
Weakness: Cross-site Scripting (XSS) - Stored
Bounty: $1000.00