Top navigation Players Media Awards Partners About
Change skin White Black
Partners Medion Intel ASRock Kingston DraftKings


« Previous1Next »
Critical Steam Vulnerability

Today, a brazilian security researcher posted a PoC (proof of concept) of his steam vulnerability.

It’s possible to input JavaScript\HTML in Steam Store tab (inside Steam App.), using the Steam
Protocol (steam://) in a website.

An attacker can do phishing, redirecting the browser in Store tab to a malicious site, steal cookies, list the games that the victim account has, etc.

All the codes, screenshots, information (including the original advisory in PDF) and also a Video could be found in Gabriel Lima's (the author) blog:

(in portuguese, with some information in english too)

Credits: Gabriel Lima - - gabriel (at)


« Previous1Next »

Partners In Win Mionix