Rockstar Games: DOM XSS on

ID H1:803934
Type hackerone
Reporter netfuzzer
Modified 2020-06-11T18:57:19


In this report, the researcher identified a DOM-based Cross-Site Scripting vulnerability in the /GTAOnline/feedback endpoint. As we worked together on resolving this matter, the researcher helped us identify other parts of the GTA Online sub-site that suffered from the same vulnerability due to code re-use. The vulnerability has now been fully resolved.