
XSS on https://www.rockstargames.com/GTAOnline/jp/screens/

Medium
Rockstar Games
Submitted None

Team Summary

Official summary from Rockstar Games

In this report, the researcher identified a Cross-Site Scripting vulnerability on the /GTAOnline/jp/screens/ section of the website. Cross-Site Scripting can be exploited to steal cookies or help perform other attacks. This was possible because the page would blindly decode and attempt to load any content provided after the last slash; by utilizing a hashing strategy, the researcher was able to show how to take advantage of that behavior to force the page to load an externally hosted script. Thanks to that demonstration, we were able to put protections in place that will keep this behavior from happening any more.

Reported by netfuzzer
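The summary attributes the bug to decoding whatever follows the last slash and loading it without checks. As an added example (not code from Rockstar Games or from the report), here is one way a page could validate that value before loading anything. The origin `site.example`, the `data/<id>.json` layout, the identifier pattern and the function name are assumptions made for illustration.

```javascript
// Added example with hypothetical names; not the site's real code.
const SITE_ORIGIN = "https://site.example";     // constructed origin
const SCREENS_PATH = "/GTAOnline/jp/screens/";  // section named in the report
// Assumption: a legitimate value is a short screen identifier.
const SCREEN_ID = /^[A-Za-z0-9_-]{1,64}$/;

// Return the same-origin resource URL for the value after the last slash,
// or null when the value must not be loaded.
function resolveScreenResource(href) {
  // Take what follows the last slash; drop a leading "#" if it is a fragment.
  const tail = href.slice(href.lastIndexOf("/") + 1).replace(/^#/, "");
  let decoded;
  try {
    decoded = decodeURIComponent(tail); // decode exactly once
  } catch (e) {
    return null; // malformed percent-encoding
  }
  // Allowlist AFTER decoding: the raw tail cannot contain "/", but the
  // decoded value can, which is how "//host/file.js" slips through.
  if (!SCREEN_ID.test(decoded)) return null;
  // Assumed layout: screen data lives under data/<id>.json on the same site.
  const resource = new URL(SCREENS_PATH + "data/" + decoded + ".json", SITE_ORIGIN);
  // Defence in depth: never hand back a cross-origin URL.
  return resource.origin === SITE_ORIGIN ? resource.href : null;
}

// Constructed sample inputs (not taken from the report).
const samples = [
  SITE_ORIGIN + SCREENS_PATH + "#screen01",
  SITE_ORIGIN + SCREENS_PATH + "%2F%2Funtrusted.example%2Fx.js",
  SITE_ORIGIN + SCREENS_PATH + "#%252F%252Funtrusted.example%252Fx.js",
  SITE_ORIGIN + SCREENS_PATH + "%E0%A4%A",
];
for (const s of samples) console.log(s, "->", resolveScreenResource(s));
```

Only the first sample resolves; the encoded, double-encoded and malformed values all return `null`, so nothing is loaded for them.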

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Submitted

Weakness

Cross-site Scripting (XSS) - Generic