A password will be e-mailed to you.

Steam is an online platform that offers multiplayer gaming and social networking. Steam’s concurrent users jump to above 12 million daily, and is one of the most popular gaming networks. Earlier this week a massive vulnerability in the Steam software was reported.

Yesterday the exploit was revealed on Steam’s subreddit by one of their moderators, R3TR1X. The moderator stated that there was a risk of phishing and malicious script execution when viewing profile pages or one’s own activity feed. The moderator was intentionally vague with the warning to prevent others from exploiting the vulnerability.

R3TR1X stated, “I would advise against viewing suspicious profiles until further notice and disable JavaScript in your browser options. Do NOT click suspicious (real) steam profile links and Disable JavaScript on Browser. Appropriate information has been forward to Valve and this issue should be resolved soon, sorry for any inconvenience.”

The XSS (Cross-site scripting) vulnerability was found and quickly patched by the Steam team. After the fix, the community exploit was then explained via a separate post. Steam concluded, “In truth [you are likely not infected], it is incredibly unlikely with the window of it becoming popular being quite small before Valve patched it up.”