Certain UGC packages when equipped can kill / fling other players very far away. This is present in our roleplay game where players can equip items directly from the marketplace.
The package and specific reproduction steps including a link to the package has been attached privately to prevent bad actors from using it.
A private message is associated with this bug report
Hey 
Engineers are aware of this and multiple other vulnerabilities with UGC items and they’re looking into it. They’ve been focusing on fixing the lag vulnerability reported here:
I’ve linked your post to them privately and I’ll keep you updated with anything I hear back in PMs (if they don’t update you themselves in this thread). There’s groups of users buying and selling these kinds of avatar items on black market Discord servers and I’ve been personally investigating it for the past week or two after my servers were crashing as a result of the lag accessories, and reporting back to engineers with my findings. The fling bundles are just one of the issues here; aforementioned, there are accessories that lag/crash servers, hugely oversized ones that fill up the entire map, and fling bundles - all of which are being addressed right now.
If your game is being severely affected by this issue, I can PM you a temporary solution I developed for Washiez to detect and remove the exploitative bundles from users who have them equipped. Let me know!
The way this works is that the bundles contain body parts with extremely high masses (like, billions to trillions) and hence fling unanchored parts as well as players if player-to-player collisions are on. From what I know, these can no longer be uploaded as a proper patch has been put in place on Roblox’s end, but the ones that were uploaded have not yet been taken down.
I already sent around 3 of these abusive bundles to engineers a while ago, so rest assured they’re looking into it. Feel free to send me any other ones in PMs.
This issue has been resolved now. Please do let us know if you encounter any more issues with mass-abusing characters or bundles.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.