Image Injection/XSS vulnerability affecting https://www.rockstargames.com/newswire/article

In this report, the researcher demonstrated a method to chain together separate vulnerabilities that, under certain conditions, could cause a user's Facebook Oauth tokens to leak via the Referer header. The specific vulnerability that was addressed in this report was the image injection/XSS component of the attack chain. Specifically, the researcher found an image injection and XSS vulnerability impacting `https://rockstargames.com/newswire/article` that when combined with other vulnerabilities would cause the behavior described above. We have since fixed multiple components of this attack chain, including an open redirect and the image injection vulnerability initially described in this report.