Unfiltered input allows for XSS in "Playtime Item Grants" fields
Medium
Valve
Team Summary
Official summary from Valve
Enter ">test in any of the 3 fields, save it and reload the page.
Impact
Stored XSS, could possibly break some internal features too as the stored value is not an integer.
The hacker selected the Cross-site Scripting (XSS) - Stored weakness. This vulnerability type requires contextual information from the hacker. They provided the following answers:
URL
https://partner.steamgames.com/apps/inventoryservice/[xxx]
Reported by
xpaw
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Stored
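An added example, not part of the report and not Valve's code: the summary notes that the stored value is not an integer, so the mitigation has two layers, integer validation when the form is saved and attribute escaping when the value is rendered. The field names, the upper bound and the assumption that the value is echoed into an input's value attribute are hypothetical.

```python
import html

# Hypothetical names for the three "Playtime Item Grants" fields (assumption).
GRANT_FIELDS = ("grant_interval_minutes", "grant_window_minutes",
                "grant_max_per_window")
MAX_VALUE = 2**31 - 1  # assumed upper bound for a stored integer

# Constructed sample submission; the second value is the string from the report.
SAMPLE_FORM = {
    "grant_interval_minutes": "60",
    "grant_window_minutes": '">test',
    "grant_max_per_window": "3",
}


def parse_grant_fields(form):
    """Validate on save. Returns (clean, errors); only integers reach storage."""
    clean, errors = {}, {}
    for name in GRANT_FIELDS:
        raw = str(form.get(name, "")).strip()
        # isascii() + isdigit() rejects markup, signs, empty input and
        # non-ASCII digit characters before int() is ever called.
        if raw.isascii() and raw.isdigit() and int(raw) <= MAX_VALUE:
            clean[name] = int(raw)
        else:
            errors[name] = "must be a whole number from 0 to %d" % MAX_VALUE
    return clean, errors


def render_input(name, stored_value):
    """Second layer: escape for HTML attribute context on every render."""
    return '<input type="number" name="%s" value="%s">' % (
        html.escape(name, quote=True),
        html.escape(str(stored_value), quote=True),
    )


def render_input_unescaped(name, stored_value):
    """The failure mode: the stored string is concatenated into the attribute."""
    return '<input type="number" name="%s" value="%s">' % (name, stored_value)


if __name__ == "__main__":
    clean, errors = parse_grant_fields(SAMPLE_FORM)
    print("stored:", clean)
    print("rejected:", errors)
    print("escaped:  ", render_input("grant_window_minutes", '">test'))
    print("unescaped:", render_input_unescaped("grant_window_minutes", '">test'))
```

Escaping on output stays in place even with validation on save, because values stored before the fix may still contain markup.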