• @zzx
    link
    49 days ago

    I found a vulnerability in their web server that handles their equivalent of game add-ons. I found an authorization bypass that allowed me to look at their admin interface for managing add-ons

    I messaged Gary about it on their discord but never got a response. They patched it right after though