iZac 109 Posted February 7, 2017 (edited) According to this reddit post and the stickied comment there is an exploit which allows people to run scripts on your browser if you visit their Steam profile. Figured it would be worth giving a heads up so people know to not go on any random profile they get linked to. According to the post disabling JavaScript means you'll be safe from it, so that might be worth doing until Steam patches the exploit Edited February 7, 2017 by iZac Quote Share this post Link to post
Blyss 975 Posted February 7, 2017 UPDATE: THIS EXPLOIT HAS BEEN FIXED, YOU CAN VIEW PROFILES SAFELY NOW. Quote Share this post Link to post
Sniffles 175 Posted February 7, 2017 Don't forget to check out my profile guys Quote Share this post Link to post
iZac 109 Posted February 7, 2017 17 minutes ago, Blyss said: UPDATE: THIS EXPLOIT HAS BEEN FIXED, YOU CAN VIEW PROFILES SAFELY NOW. Well, at least my thread had some validity for 15 minutes ? Quote Share this post Link to post
Revan The Dragon 121 Posted February 7, 2017 I remember seeing this exploit last year and a couple of years before that --- kinda depressing that Valve haven't figured out how to just stop it entirely. Thankfully it's been patched again (for now), but I expect to see it again in the future. Now that I think about it I did have a suspicious amount of friend requests this morning, never clicked on their profiles but they had scam-sounding website links in their names, default avatars etc. 1 SonyTwan reacted to this Quote Share this post Link to post