Solved

RevenueCat entitlements vulnerability

  • 14 April 2024
  • 1 reply
  • 130 views


Intro

This vulnerability can be used on all apps that use RevenueCat subscription verification. All code here is written in JavaScript.

Entitlements bug

This vulnerability is based on getting the entitlements from the server, for example:

    // Request the app's product-to-entitlement mapping from RevenueCat,
    // reusing the headers of the intercepted request ($request is the
    // proxy tool's object for the request being intercepted).
    const params = {
        url: "https://api.revenuecat.com/v1/product_entitlement_mapping",
        timeout: 5000,
        headers: $request.headers
    }

    // Drop the ETag so the server returns a full body instead of 304 Not Modified.
    delete params["headers"]["x-revenuecat-etag"]

    // err() and mapping() are the poster's own helpers and are not shown in the post.
    $httpClient.get(params, function(errormsg, response, data) {
        if (errormsg) {
            err(errormsg)
        } else {
            mapping(data)
        }
    })


SSL pinning

SSL pinning is a mechanism to stop sending the response if the traffic is being captured.

Recommendation: add SSL pinning to all app requests

Best answer by Haley Pace

1 reply

  • RevenueCat Staff
  • 435 replies
  • Answer
  • April 19, 2024

Hi, thank you for sharing this with us. We only accept vulnerability submissions via HackerOne: https://www.hackerone.com

If you submit a support ticket and share your HackerOne username or email address, we can invite you to the program in order to submit your vulnerability for review by our engineering team: https://app.revenuecat.com/settings/support
