Security Issue: Age-Based Chat System Bypass

Bug Reports Roblox Application and Website Bugs
,
1

:warning:I identified a potential bypass of Roblox’s age-based chat safety enforcement in a live experience.:warning:

In the experience with Game ID: 7999948656, the current platform chat system does not appear to be enforced. The standard system notice:

“ONLY PEOPLE IN A SIMILAR AGE GROUP CAN CHAT WITH YOU”

never appears, and players are able to communicate freely without any visible age-based restrictions.

The chat UI and behavior strongly resemble the legacy chat system, despite the experience being live, public, and accessible to all users. This behavior is inconsistent with Roblox’s current chat safety model and differs from what is observed in other modern experiences.

Region-Specific Behavior (Key Concern)

What makes this case particularly concerning is that the behavior appears to be region-specific.

I am based in Israel, where Roblox has already rolled out the current age-based chat restrictions. In all standard experiences available in my region, this system is active and clearly enforced.

However, in this specific experience:

  • The age-based restriction notice is completely absent when joining from Israel
  • Chat behaves identically to legacy chat
  • Other users outside the region appear to see default / expected chat behavior

This suggests the issue is not a global custom chat replacement, but rather a conditional application of chat behavior (e.g., region, account type, rollout flags, or configuration state).

If this were an intentional or standard implementation, the behavior would be consistent for all users.

Impact

  • Age-based chat enforcement is not applied in affected regions
  • No system indication of age-group limitations
  • Unrestricted cross-age communication
  • Potential exposure of minors to unintended interactions
  • Practical bypass of Roblox’s intended chat safety controls

Steps to Reproduce

  1. Log into an account located in Israel (where age-based chat restrictions are active platform-wide)
  2. Join the experience (Game ID: 7999948656)
  3. Open in-game chat
  4. Observe missing age-restriction notice and legacy-style chat behavior

Expected Behavior

The experience should enforce Roblox’s current age-based chat restrictions consistently across regions and display the standard system notice, in line with platform policy and rollout status.

Environment

  • Platform: Roblox Player (Desktop)
  • OS: Windows 10
  • Region: Israel
  • Beta Features: None enabled

Additional Notes

This behavior strongly suggests a misconfiguration, unintended legacy chat fallback, or region-conditional enforcement bypass of the current chat system.

Visual comparisons with standard experiences can be provided if required.

Expected behavior

image
image406×179 3.83 KB

image
image515×226 24.9 KB

2 Likes
2

A clarification from Roblox staff on whether this behavior is intended would be appreciated!!

3

Thanks for reporting! Appropriate actions were taken.