I wonder if the steam forums are safe. Seems like anything you can execute in your profile should be able to execute on the forums as well.
Comment has been collapsed.
Well I hope it's fixed soon. I guess I'll stop sending out gifts for a while until it's fixed
Comment has been collapsed.
last i knew it was a vehicle
but steam loves this stupid little things like Thanks for Skyrim,Heresy,and countless others for some reason people like to be a follower and not a leader so they copy what others say and think it is funny when it just silly and annoying.
None the less it just how i feel and this whole exploit thing just get use to it as long as idiots fall for scams and click on links they should not and have inventory it is always going to be at risk.Pretty much as long as there is steam gifts and trading there will always be hackers or exploits to just and scam people out of there stuff.
Comment has been collapsed.
Thx to for the heads up..and in a better world i would have expected Volvo for shutting down the profiles until the problem is solved..
Comment has been collapsed.
Wow, that's interesting. Thank you for the heads up, Deiru.
Comment has been collapsed.
Wasn't there like the SAME issue with steam store pages where devs could put malicious shit on their game page; and it was known for like forever but Valve didn't do shit about it... Then when a dev decided to demonstrate the exploit to urge them to action he got banned or something? You'd think they'd check around for similar things elsewhere after an incident like that....?
Comment has been collapsed.
Yeah, that was Timmy, the PR guy from SCS Software aka the Euro Truck devs.
Comment has been collapsed.
The XSS issue on Steam Community has been resolved.
https://twitter.com/SteamDB
Comment has been collapsed.
That was quick. But I am afraid to find out for sure. I think I might stay off profiles for the rest of the day just in case they forgot something. lol
Comment has been collapsed.
They could just be saying that to stop people from panicking.
Also check the comments to that tweet, either there is some serious blackmailing and funny stuff going on, or someone didn't read the "list" with those few times when trolling should not be done, no matter how inviting.
Comment has been collapsed.
Well, for one, SteamDB have literally no reason to "Prevent panic", considering they also posted an announcement similar to mine. For another, I'm friends with a lot of the SteamDB guys, I trust their work, and they've shown enough to me that I can see it is fixed.
Comment has been collapsed.
SteamB have no reason to report the issue in the first place either then.
You are friends with them you say, doesn't mean much to me since i dont know you, but i have no reason not to trust you. I will keep my hand on my gun and my eyes open though.
Comment has been collapsed.
SteamDB may be a third party, but honestly? They are the best community relations that Steam has. They report on things before I see them on Steam most times, and I have never been misled by them. Exercising caution is always a good idea, but I put my money on profiles being safe again now.
Comment has been collapsed.
77 Comments - Last post 58 minutes ago by JHartmann
1,709 Comments - Last post 2 hours ago by SebastianCrenshaw
4 Comments - Last post 2 hours ago by WastedYears
35 Comments - Last post 3 hours ago by sensualshakti
151 Comments - Last post 4 hours ago by MeguminShiro
519 Comments - Last post 5 hours ago by Choutas
11 Comments - Last post 6 hours ago by doomofdoom
1,564 Comments - Last post 6 minutes ago by Gelweo
149 Comments - Last post 8 minutes ago by Lyselfia
6 Comments - Last post 15 minutes ago by nonegiven
12 Comments - Last post 18 minutes ago by wigglenose
30 Comments - Last post 22 minutes ago by Fluffster
141 Comments - Last post 38 minutes ago by ShroudOfLethe
218 Comments - Last post 39 minutes ago by ngoclong19
Just a major heads up, but there's a huge security flaw that was just exposed, allowing people to execute code on profiles. So far I've only seen one profile that can do this, but it can comment for you, it can load iframes, and it can play youtube videos. It will fuck up your notifications.DO NOT LINK THESE PROFILES IN THE FORUMS, IN CHAT, OR ANYWHERE.
Issue has been fixed. Profiles are now safe again.
Comment has been collapsed.