Valve Fixes Security Flaws In Steam Community

The Steam community site was deemed unsafe due to XSS (cross-site scripting) exploit that redirect users to a fake or phishing site, and compromise Steam users account. There’s a chance that users might lose their Steam Wallet funds from this vulnerability.

valve account

A post on Steam subreddit warns users of what the exploit does and advises users against clicking on Steam profile links.

  • Redirect you to any non-steam page, for example a phishing login page. From a user perspective it is you going to a legitimate Steam profile, then you see a login page.
  • Utilize scripting to use your Steam Market funds on any item the malicious user chooses, you wouldn’t even need to confirm anything as you’re on a valid login session.
  • Manipulate elements on the page as they see fit.
Currently, there is a risk (i.e. phishing, malicious script execution, etc.) involved when viewing or simply opening PROFILE pages of other steam users as well as your OWN activity feed (both desktop and mobile versions on all browsers including steam browser/chromium),” the warning says. “I would advise against viewing suspicious profiles until further notice and disable JavaScript in your browser options. Do NOT click suspicious (real) steam profile links and Disable JavaScript on Browser.

The good news is that the issue has been fixed by Valve.

Related posts

Xbox Games With Gold Lineup For August 2017

Xbox Games With Gold Lineup For August 2017


Xbox Games With Gold Lineup For August 2017

Xbox Live Gold subscribers can look forward to great games to play this coming August. PlatinumGames' universally acclaimed action game Bayonetta will be available through August 15th, followed by Red Faction: Armageddon which is downloadable starting from August 16th till August...

How To Unlock Shin Akuma In Ultra Street Fighter 2: The Final Challengers

How To Unlock Shin Akuma In Ultra Street Fighter 2: The Final Challengers


How To Unlock Shin Akuma In Ultra Street Fighter 2: The Final Challengers

Capcom surprised San Diego Comic-Con attendees with a big announcement that Shin Akuma is a playable character in Ultra Street Fighter 2: The Final Challengers on Nintendo Switch. The panel from Capcom's 30th Anniversary Street Fighter demonstrated the method to play the demon form of Akuma...

Nintendo’s Switch Online Mobile App Is Now Live

Nintendo's Switch Online Mobile App Is Now Live


Nintendo's Switch Online Mobile App Is Now Live

The Nintendo Switch Online mobile app has become available on iOS and Android. Even though Nintendo formerly dated the support for July 21st, the company release it little early, therefore Switch owners can start downloading it now. You can't do much with the app just yet, though...

Leave a comment