Rockstar Games disclosed on HackerOne: CSRF Vulnerability on...

In this report, the researcher identified a Cross-Site Request Forgery vulnerability that could have allowed attackers to link a Facebook account to another user's Social Club account, and thus gain the ability to log in as the victim. We implemented an anti-CSRF token as part of the account-linking process in order to prevent this behavior and ensure it can no longer be exploited.

12 Jun 2020 ... ... allowed attackers to link a Facebook account to another user's Social ... Vulnerability on https://signin.rockstargames.com/tpa/facebook/link/.

Lee mas