If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Steam users warned after profile exploit discovered

XSS marks the spot.

Tom Phillips avatar
News by Tom Phillips Editor-in-chief
Updated on

Steam users have today been warned to be careful browsing Steam - an XSS exploit has been discovered which could threaten your account's security.

The issue's existence was made public by a mod on Steam's official Reddit, and Steamdb has also confirmed the exploit to be worth taking note of - at least until Valve wakes up and fixes it.

Steam users are warned to be careful opening any profile pages on the service, and to ignore any suspicious links.

The exploit takes advantage of Steam's XSS (cross-site scripting) code which can be exploited to let others inject their own code. Anyone with the right know-how could harness your profile to perform actions on your behalf.

Anyone who thinks they may have been affected should change their password, enable a mobile authenticator - and scan their system for malware.

Topics in this article

Follow topics and we'll email you when we publish something new about them.  Manage your notification settings .

Subscribe to the Eurogamer.net Daily newsletter

Get the day's most talked about stories straight to your inbox.

About the Author
Tom Phillips avatar

Tom Phillips

Editor-in-chief

Tom is Eurogamer's Editor-in-chief. He writes lots of news, some of the puns and makes sure we put the accent on Pokémon.

Comments
Eurogamer.net logo

Buy things with globes on them

And other lovely Eurogamer merch in our official store!

Explore our store
Eurogamer.net Merch