Shaun Prescott reports:
A League of Legends exploit allowing browser access to the game’s store as a means to hacking other player accounts, is being addressed by Riot.
According to witness reports on Reddit, the exploit allows users to access the League of Legends store from a web browser rather than the game client. With access to a user’s Summoner ID and a session token, the perpetrator is able to make RP and IP transactions on that user’s behalf.
A Riot spokesperson acknowledged and addressed the issue in the League of Legends Reddit.
Read more on PC Gamer.