SocialClub Account Take Over Through Import Friends feature
Team Summary
Official summary from Rockstar Games
In this report, the researcher identified a vulnerability in a Social Club feature intended to allow users to import their friends list from Facebook and other social media sites. However, if a targeted victim were to visit a crafted site containing a specific malicious script that exploited this feature, it would become possible for an attacker to gain control of the victim's Social Club account. This would work by forcibly linking a Facebook account under the attacker's control to the victim's Social Club account via CSRF, giving the attacker the ability to log into the victim's Social Club account via Facebook Sign-in. This issue has been resolved and is no longer exploitable.
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Submitted
Weakness: Cross-Site Request Forgery (CSRF)
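The summary describes an account-link request that the victim's session cookie alone was enough to authorise. As an added example (not code from the report or from Rockstar Games, whose actual fix the page does not describe), the Python below contrasts that behaviour with a callback that requires a session-bound, single-use token, the role the OAuth 2.0 `state` parameter plays. All function, session and account names are assumptions, and the provider account is passed in directly rather than obtained from a code exchange.

```python
import hmac
import secrets

links = {}  # Social Club user id -> linked provider account (in-memory stand-in)

def begin_link(session):
    """User clicks 'link account': mint a one-time token bound to this session."""
    session["link_state"] = secrets.token_urlsafe(32)
    return session["link_state"]  # travels to the provider and back as `state`

def callback_unchecked(session, provider_account, state=None):
    """Behaviour the summary describes: the session cookie alone authorises the link."""
    links[session["user_id"]] = provider_account
    return True

def callback_checked(session, provider_account, state=None):
    """Link only if the request returns the token issued to this same session."""
    expected = session.pop("link_state", None)  # single use, even on failure
    if not expected or not state:
        return False
    if not hmac.compare_digest(expected.encode(), state.encode()):
        return False
    links[session["user_id"]] = provider_account
    return True

def run_demo():
    """Constructed sessions; account names are placeholders."""
    results = {}
    attacker = {"user_id": "attacker"}
    attacker_state = begin_link(attacker)  # valid, but only for the attacker's session

    # Cross-site request arrives with the victim's cookie and the attacker's values.
    victim = {"user_id": "victim"}
    results["unchecked_forged"] = callback_unchecked(victim, "fb-attacker", attacker_state)
    links.clear()
    results["checked_forged_no_flow"] = callback_checked(victim, "fb-attacker", attacker_state)

    # Victim has a flow in progress: a forged callback still fails and burns the token.
    victim_state = begin_link(victim)
    results["checked_forged_mid_flow"] = callback_checked(victim, "fb-attacker", attacker_state)
    results["checked_replay_after_burn"] = callback_checked(victim, "fb-victim", victim_state)

    # Legitimate round trip.
    victim_state = begin_link(victim)
    results["checked_legit"] = callback_checked(victim, "fb-victim", victim_state)
    results["final_link"] = links.get("victim")
    return results

if __name__ == "__main__":
    print(run_demo())
```

Consuming the token on every callback attempt means a forged request during an in-progress flow forces the user to restart the link, which is a visible failure rather than a silent takeover.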