Valve Fixes Security Flaws In Steam Community

The Steam community site was deemed unsafe due to XSS (cross-site scripting) exploit that redirect users to a fake or phishing site, and compromise Steam users account. There’s a chance that users might lose their Steam Wallet funds from this vulnerability.

valve account

A post on Steam subreddit warns users of what the exploit does and advises users against clicking on Steam profile links.

  • Redirect you to any non-steam page, for example a phishing login page. From a user perspective it is you going to a legitimate Steam profile, then you see a login page.
  • Utilize scripting to use your Steam Market funds on any item the malicious user chooses, you wouldn’t even need to confirm anything as you’re on a valid login session.
  • Manipulate elements on the page as they see fit.
Currently, there is a risk (i.e. phishing, malicious script execution, etc.) involved when viewing or simply opening PROFILE pages of other steam users as well as your OWN activity feed (both desktop and mobile versions on all browsers including steam browser/chromium),” the warning says. “I would advise against viewing suspicious profiles until further notice and disable JavaScript in your browser options. Do NOT click suspicious (real) steam profile links and Disable JavaScript on Browser.

The good news is that the issue has been fixed by Valve.

Related posts

Destiny 2 Causes Spike in WoW Tokens Prices

Destiny 2 Causes Spike in WoW Tokens Prices


Destiny 2 Causes Spike in WoW Tokens Prices

Shortly after the announcement was made by Activision Blizzard that Destiny 2 is going to be playable completely and only through Blizzard launcher, the in-game gold price for WoW Tokens briefly surges to an all-time high in both Europe and North America servers. WoW Tokens can be used to...

Dreadnought Is Accepting Sign-Ups For Open Beta

Dreadnought Is Accepting Sign-Ups For Open Beta


Dreadnought Is Accepting Sign-Ups For Open Beta

Yager Interactive's Dreadnought beta is now open to the public and they're accepting sign-ups if you're interested to give the game a shot. A huge map called Ixion has been added by Yager in the latest game updates, which also includes variations of Rings of Saturn and Red...

Xbox Backward Compatibility Super Sale Offers 279 Games On The Cheap

Xbox Backward Compatibility Super Sale Offers 279 Games On The Cheap


Xbox Backward Compatibility Super Sale Offers 279 Games On The Cheap

Microsoft's backward compatibility super sale is live right now until May 22nd, and many Xbox 360 games are being sold at a huge discount. Save up to 75 percent off on the biggest backward compatibility titles, such as Grand Theft Auto 4, Dead Space 2, Read Dead Redemption, Call of Duty...

Leave a comment