DOM BASED XSS ON https://www.rockstargames.com/GTAOnline/features

In this report, the researcher identified a DOM-based Cross-Site Scripting vulnerability under the GTAOnline section of the main site. This could have left to theft of cookies if left unresolved. Interestingly, a core factor in this vulnerability was a regression of a previously identified and resolved directory traversal issue. Thanks to this report we were able to close both the regressed directory traversal issue and the cross-site scripting vulnerability at once.