Summary by Opera Public Bug Bounty
An XSS was found involving two GET parameters which would be reflected into the page, allowing for javascript to be run.
An XSS was found involving two GET parameters which would be reflected into the page, allowing for javascript to be run.
A Reflected Cross-Site Scripting (XSS) vulnerability was found affecting multiple https://gamemaker.io
endpoints via the error
and notice
URL parameters.