Rockstar Games: Referer Referer Header Leakage in language changer may lead to FB token theft

In this report, the researcher discovered an open redirect vulnerability that could be exploited by changing the language on the page at https://www.rockstargames.com/GTAOnline, and cause the user's full URL potentially including sensitive tokens to be included in the Referer header to the new...