It looks like Steam users might want to be careful when browsing Steam as an XSS exploit has been discovered which can seriously affect account security. The issue was made public earlier today and can allow attackers to inject their own code, which could allow someone to hijack your Steam profile and perform various actions on your account.
Steamdb helped publicise the issue, which amongst other things could allow an attacker to send trade offers, sell or buy marketplace items, post comments, make group announcements, join groups and more all on your profile, bypassing Steam’s usual security.
So until Valve fixes this particular exploit, you should be careful when it comes to random friend requests and random links sent via the Steam chat. As of yet, Valve has yet to acknowledge this XSS exploit but hopefully the company will fix it up and make an announcement soon.
KitGuru Says: Stay safe out there guys, the last thing you want is to wake up one day and find all of your marketplace items gone. Hopefully Valve can give us a proper update on this soon.