fra
New member
Hello,
I have discovered a vulnerabilty in the chat feature that allows users to use HTML tags.
Steps to Reproduce:
In game, send a message containing any HTML tag, in my example, I've used the <img src> one.
The UI will actually render the HTML tag, an attacker can use this to disrupt gameplay by making the UI render content on the whole screen, showing NSFW media, or even log other players' IPs.
As for attachment, there is how I was able to obtain my friend's IP address just by sending an image on the game chat.
I don't have tried if this can be used as an RCE, but I suggest to fix it before anyone does.
All the tools that I've used are freely available online, and everything is censored for privacy reasons.
Looking forward to help,
-fra
Update 1: The game won't render the resources from the page but IP grabbing is still possible.
View attachment ip_grab_poc.mp4
I have discovered a vulnerabilty in the chat feature that allows users to use HTML tags.
Steps to Reproduce:
In game, send a message containing any HTML tag, in my example, I've used the <img src> one.
The UI will actually render the HTML tag, an attacker can use this to disrupt gameplay by making the UI render content on the whole screen, showing NSFW media, or even log other players' IPs.
As for attachment, there is how I was able to obtain my friend's IP address just by sending an image on the game chat.
I don't have tried if this can be used as an RCE, but I suggest to fix it before anyone does.
All the tools that I've used are freely available online, and everything is censored for privacy reasons.
Looking forward to help,
-fra
Update 1: The game won't render the resources from the page but IP grabbing is still possible.
View attachment ip_grab_poc.mp4
Last edited: