Valve: Reflected XSS on help.steampowered.com

2018-08-04T08:13:15
ID H1:390429
Type hackerone
Reporter xpaw
Modified 2019-01-07T20:14:15

Description

URL: https://help.steampowered.com/en/wizard/HelpWithGameIssue/?appid=704740&issueid=125&option=%3Ch1%3Eunfiltered

It puts the "option" option into a translation token: <div class="help_page_title">#Help_Game_MissingItemsTitle{user controlled string here}

And if there's no such translation token, it just prints out the entire user input unescaped.

Impact

XSS.
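The fallback described in the report, next to a hardened form, as an added example that is not part of the original report and is not Valve's code. The translation table, function names and the allowlist pattern are assumptions made for illustration; only the token prefix, the div class and the sample input come from the report.

```javascript
// Constructed translation table (hypothetical entries; only the token prefix is from the report).
const TRANSLATIONS = new Map([
  ["#Help_Game_MissingItemsTitle", "Missing items"],
  ["#Help_Game_MissingItemsTitle_dlc", "Missing DLC items"],
]);

// Escape text for HTML element content and quoted attribute values.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Behaviour described in the report: the request value is appended to the
// token name, and an unknown token is written into the page as-is.
function renderTitleVulnerable(option) {
  const token = "#Help_Game_MissingItemsTitle" + option;
  const text = TRANSLATIONS.has(token) ? TRANSLATIONS.get(token) : token;
  return '<div class="help_page_title">' + text + "</div>";
}

// Hardened form, two independent layers:
//  1. the suffix must match an allowlist (assumed pattern), otherwise it is dropped;
//  2. whatever is rendered, translation or fallback, is HTML-escaped on output.
const OPTION_RE = /^[A-Za-z0-9_]{0,32}$/;

function renderTitleHardened(option) {
  const suffix = typeof option === "string" && OPTION_RE.test(option) ? option : "";
  const token = "#Help_Game_MissingItemsTitle" + suffix;
  const text = TRANSLATIONS.has(token) ? TRANSLATIONS.get(token) : token;
  return '<div class="help_page_title">' + escapeHtml(text) + "</div>";
}

// The value from the report URL, decoded: "<h1>unfiltered".
const sample = decodeURIComponent("%3Ch1%3Eunfiltered");
console.log(renderTitleVulnerable(sample)); // markup reaches the page unescaped
console.log(renderTitleHardened(sample));   // suffix rejected, base title rendered
console.log(renderTitleHardened("_dlc"));   // known token still resolves
```

Escaping on output is the layer that fixes the reported behaviour; the allowlist only keeps unexpected values out of the token lookup.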