I wonder if the steam forums are safe. Seems like anything you can execute in your profile should be able to execute on the forums as well.
Comment has been collapsed.
Well I hope it's fixed soon. I guess I'll stop sending out gifts for a while until it's fixed
Comment has been collapsed.
last i knew it was a vehicle
but steam loves this stupid little things like Thanks for Skyrim,Heresy,and countless others for some reason people like to be a follower and not a leader so they copy what others say and think it is funny when it just silly and annoying.
None the less it just how i feel and this whole exploit thing just get use to it as long as idiots fall for scams and click on links they should not and have inventory it is always going to be at risk.Pretty much as long as there is steam gifts and trading there will always be hackers or exploits to just and scam people out of there stuff.
Comment has been collapsed.
Thx to for the heads up..and in a better world i would have expected Volvo for shutting down the profiles until the problem is solved..
Comment has been collapsed.
Wow, that's interesting. Thank you for the heads up, Deiru.
Comment has been collapsed.
Wasn't there like the SAME issue with steam store pages where devs could put malicious shit on their game page; and it was known for like forever but Valve didn't do shit about it... Then when a dev decided to demonstrate the exploit to urge them to action he got banned or something? You'd think they'd check around for similar things elsewhere after an incident like that....?
Comment has been collapsed.
The XSS issue on Steam Community has been resolved.
https://twitter.com/SteamDB
Comment has been collapsed.
That was quick. But I am afraid to find out for sure. I think I might stay off profiles for the rest of the day just in case they forgot something. lol
Comment has been collapsed.
They could just be saying that to stop people from panicking.
Also check the comments to that tweet, either there is some serious blackmailing and funny stuff going on, or someone didn't read the "list" with those few times when trolling should not be done, no matter how inviting.
Comment has been collapsed.
Well, for one, SteamDB have literally no reason to "Prevent panic", considering they also posted an announcement similar to mine. For another, I'm friends with a lot of the SteamDB guys, I trust their work, and they've shown enough to me that I can see it is fixed.
Comment has been collapsed.
SteamB have no reason to report the issue in the first place either then.
You are friends with them you say, doesn't mean much to me since i dont know you, but i have no reason not to trust you. I will keep my hand on my gun and my eyes open though.
Comment has been collapsed.
SteamDB may be a third party, but honestly? They are the best community relations that Steam has. They report on things before I see them on Steam most times, and I have never been misled by them. Exercising caution is always a good idea, but I put my money on profiles being safe again now.
Comment has been collapsed.
3,838 Comments - Last post 39 minutes ago by MeguminShiro
2 Comments - Last post 1 hour ago by QuinlanLJ
173 Comments - Last post 1 hour ago by AmanoTC
23 Comments - Last post 2 hours ago by fr0zenX
49 Comments - Last post 3 hours ago by reigifts
15 Comments - Last post 3 hours ago by Stakaniy
48 Comments - Last post 7 hours ago by CulitoRiko7u7
2,192 Comments - Last post 40 seconds ago by eeev
139 Comments - Last post 7 minutes ago by Jztr
755 Comments - Last post 11 minutes ago by shadowshiv
28 Comments - Last post 18 minutes ago by Orionid
860 Comments - Last post 21 minutes ago by tevemadar
6 Comments - Last post 36 minutes ago by Noodles91
211 Comments - Last post 1 hour ago by aesthesis
Just a major heads up, but there's a huge security flaw that was just exposed, allowing people to execute code on profiles. So far I've only seen one profile that can do this, but it can comment for you, it can load iframes, and it can play youtube videos. It will fuck up your notifications.DO NOT LINK THESE PROFILES IN THE FORUMS, IN CHAT, OR ANYWHERE.
Issue has been fixed. Profiles are now safe again.
Comment has been collapsed.