Valve Fixes Security Flaws In Steam Community

The Steam community site was deemed unsafe due to XSS (cross-site scripting) exploit that redirect users to a fake or phishing site, and compromise Steam users account. There’s a chance that users might lose their Steam Wallet funds from this vulnerability.

valve account

A post on Steam subreddit warns users of what the exploit does and advises users against clicking on Steam profile links.

  • Redirect you to any non-steam page, for example a phishing login page. From a user perspective it is you going to a legitimate Steam profile, then you see a login page.
  • Utilize scripting to use your Steam Market funds on any item the malicious user chooses, you wouldn’t even need to confirm anything as you’re on a valid login session.
  • Manipulate elements on the page as they see fit.
Currently, there is a risk (i.e. phishing, malicious script execution, etc.) involved when viewing or simply opening PROFILE pages of other steam users as well as your OWN activity feed (both desktop and mobile versions on all browsers including steam browser/chromium),” the warning says. “I would advise against viewing suspicious profiles until further notice and disable JavaScript in your browser options. Do NOT click suspicious (real) steam profile links and Disable JavaScript on Browser.

The good news is that the issue has been fixed by Valve.

Related posts

Latest Nintendo Switch Update Adds Video Capture and Save Transfers

Latest Nintendo Switch Update Adds Video Capture and Save Transfers


Latest Nintendo Switch Update Adds Video Capture and Save Transfers

Nintendo has launched a new update version 4.0.0 for the Nintendo Switch which enables video capture and the capability to transfer user profiles and save data to another console. Starting on October 18th, the video capture feature will only be available to four games: The Legend of...

Destiny 2 PC Launch Trailer Comes With Stunning 4K Graphics

Destiny 2 PC Launch Trailer Comes With Stunning 4K Graphics


Destiny 2 PC Launch Trailer Comes With Stunning 4K Graphics

Destiny 2 is coming to the PC on October 24th, next week and a new trailer was released ahead of launch showing what the game looks like in 4K. The PC version of Destiny 2 will be similar to the console version, but with extra advantages, such as uncapped frame rates and also support for...

Doom Gets A November Release Date For Nintendo Switch

Doom Gets A November Release Date For Nintendo Switch


Doom Gets A November Release Date For Nintendo Switch

Bethesda has formally confirmed the launch date for Doom's Nintendo Switch version: on November 10th, 2017 for both North America and Europe. The company also collaborated with Nintendo to set out a new video containing interviews with executive producer Marty Stratton and creative director Hugo...

Leave a comment