How AI exposed a festival ticketing flaw with real stakes

Security researcher Ian Carroll used Claude Opus 4.7 in April to help uncover a serious Front Gate Tickets vulnerability. The flaw was patched, but the episode shows how AI-assisted security work can quickly move from finding a bug to testing access, data exposure, and ticket issuance.

WTF Index TERMINATOR
◄ Terminator 4 Idiocracy 0 ►

AI helped turn a suspected ticketing bug into a practical path for bypassing defenses and exposing sensitive systems.

How AI exposed a festival ticketing flaw with real stakes

A security researcher’s test of Front Gate Tickets became a sharp example of what AI-assisted hacking can look like in practice. The case did not involve abstract cyberwar scenarios. It involved festival tickets, staff accounts, exposed records, and the possibility of generating access to major music events.

Ian Carroll, who runs Seats.aero and also conducts independent security research, used Claude Opus 4.7 in April while investigating Front Gate Tickets. Front Gate, a Live Nation Entertainment subsidiary like Ticketmaster, handles ticketing for practically every major US music festival, including Lollapalooza, South by Southwest, and Austin City Limits.

What Carroll found inside Front Gate Tickets

Carroll began looking at Front Gate after considering Electric Daisy Carnival in Las Vegas and noticing the same ticketing company behind many festival sites. As a web vulnerability researcher, he started examining Front Gate’s web domain and identified what appeared to be a SQL injection flaw.

A SQL injection vulnerability can let an attacker place commands into a website input and cause them to run against backend systems. In this case, Carroll initially ran into a web application firewall that appeared to block exploitation.

He then asked Claude Opus 4.7 to help find a way through. According to the source article, the AI tool produced a technique that bypassed the firewall. The key was a “nested SQL query,” meaning one SQL query placed inside another, which avoided the firewall’s detection.

That step mattered because it turned a suspected bug into a working path into sensitive systems. Claude also wrote a script that showed samples from a table of 500 databases containing exposed customer information.

The potential exposure was broad

Carroll believes the vulnerability would have allowed access to information belonging to millions of customers. The exposed customer data included names, emails, and mailing addresses, but not credit card details. The same access also extended to Front Gate staff information.

From there, Carroll found a route into staff accounts. He searched for a super administrator account, triggered a password reset, and located the reset code in the site’s backend after it was sent to the administrator’s email. Using that code, he changed the password and took over the administrator account.

Once inside, Carroll found he could add high-value Bonnaroo tickets as complimentary tickets to a cart. He described seeing a ticket worth $4,000 and being able to issue as many as he wanted. He did not complete an order or actually issue tickets because he was concerned about crossing into fraud.

The issue went beyond one event. Carroll said it appeared the same kind of action could be taken for every event he wanted. A 4-Day "Platinum" Bonnaroo ticket was among the items he found he could add after gaining administrator access.

Front Gate says the flaw was patched

Carroll reported the vulnerability to Front Gate. The company said it patched the issue and thanked him for reporting it. In a statement, Front Gate said: "This was resolved within 24 hours, and we can confirm there is no evidence of exploitation, ticket impact, or compromise of customer information,” the statement reads. “The issue was identified by a responsible security researcher who used AI-assisted tools to bypass standard firewall security controls and access an internal API used by entry scanners at festival venues—not a consumer-facing system or public login portal."

Front Gate also argued that its controls reduced the risk. Its spokesperson said safeguards limited exposure of personal information, staff account changes would trigger an alert, fraudulent ticket issuance would create an audit trail, and tickets created by a hacker would have been found and canceled before use.

The company also said it had detected Carroll’s network access before he contacted its security team. After the original story was published, Front Gate added that “many high-value and VIP tickets” require RFID wristbands that cannot be generated through its online system, meaning those tickets could not have been issued by a hacker.

Carroll, however, noted that Front Gate did not claim to have evidence the vulnerability had not previously been exploited. The company also confirmed his findings after he shared a draft of a blog post about the discovery and did not dispute that he could generate tickets at will.

Why the AI role matters

The most important part of the incident may not be the ticketing angle. It is the speed and capability shown by the AI tool during a real web security investigation.

Carroll is part of Anthropic’s Cyber Verification Program, which lets approved security researchers use its tools for certain hacking functions. He said Claude produced key elements of the attack technique with surprising ease and that there was "a very good chance it could have found this exploit end-to-end without me doing anything at all."

Anthropic told WIRED that it created the Cyber Verification Program so defenders could use advanced security capabilities for research that improves code security. The company also said that, if Carroll had not been part of that program, his use of Claude to hack Front Gate’s systems would have been detected and blocked.

That distinction is central. In this case, the AI-assisted work was done by a researcher who reported the flaw. The same technical pattern, however, shows why companies will have to think differently about common web vulnerabilities, internal APIs, staff account recovery, and firewall rules.

The lesson for online platforms

This incident shows that AI can help compress the time between identifying a likely flaw and building a working exploit. A web application firewall slowed Carroll at first, but Claude helped produce a bypass. A suspected SQL injection became a route to databases, staff records, account takeover, and ticket-generation privileges.

For platforms handling payments, admissions, accounts, or customer records, the lesson is practical. Security controls cannot be evaluated only as isolated barriers. They have to be tested as chains: what happens after a firewall bypass, after database access, after a password reset, and after administrator privileges are reached?

Front Gate says the issue was fixed within 24 hours and that it found no evidence of exploitation, ticket impact, or customer information compromise. Still, the case offers a clear view of the new security environment: AI tools can now assist defenders in finding serious flaws, but the same kind of capability raises the stakes for every system exposed to the web.