Reflected XSS on help.steampowered.com
Medium
Valve
Reported by
xpaw
Vulnerability Details
Technical details and impact analysis
URL: https://help.steampowered.com/en/wizard/HelpWithGameIssue/?appid=704740&issueid=125&option=%3Ch1%3Eunfiltered
It puts the `option` option into a translation token: `<div class="help_page_title">#Help_Game_MissingItemsTitle{user controlled string here}`
And if there's no such translation token, it just prints out the entire user input unescaped.
## Impact
XSS.
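The lookup-with-raw-fallback pattern described in the report, next to a hardened form, as an added example that is not part of the original report and is not Valve's code. The translation table, its strings, the `_purchase` suffix and all function names are assumptions made for illustration.

```python
import html
from urllib.parse import urlsplit, parse_qs

# URL quoted in the report; only its query string is parsed, nothing is fetched.
REPORT_URL = ("https://help.steampowered.com/en/wizard/HelpWithGameIssue/"
              "?appid=704740&issueid=125&option=%3Ch1%3Eunfiltered")

TITLE_PREFIX = "#Help_Game_MissingItemsTitle"

# Constructed translation table; the site's real tokens and strings are not on the page.
TRANSLATIONS = {
    TITLE_PREFIX: "Missing in-game items",
    TITLE_PREFIX + "_purchase": "Items missing after a purchase",
}


def option_from_url(url: str) -> str:
    """Return the percent-decoded `option` query parameter ('' if absent)."""
    return parse_qs(urlsplit(url).query).get("option", [""])[0]


def render_title_vulnerable(option: str) -> str:
    """Behaviour the report describes: an unknown token is echoed as-is."""
    token = TITLE_PREFIX + option
    text = TRANSLATIONS.get(token, token)  # fallback carries raw user input
    return f'<div class="help_page_title">{text}</div>'


def render_title_hardened(option: str) -> str:
    """Unknown tokens resolve to a fixed default title, and the chosen text
    is HTML-escaped at output no matter where it came from."""
    token = TITLE_PREFIX + option
    text = TRANSLATIONS.get(token, TRANSLATIONS[TITLE_PREFIX])
    return f'<div class="help_page_title">{html.escape(text, quote=True)}</div>'


if __name__ == "__main__":
    opt = option_from_url(REPORT_URL)
    print("option    :", opt)
    print("vulnerable:", render_title_vulnerable(opt))
    print("hardened  :", render_title_hardened(opt))
```

Falling back to a fixed default is one design choice; showing the unknown token escaped would also close the hole, since the fix that matters is escaping at the point of output.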
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Weakness
Cross-site Scripting (XSS) - Reflected