The FIFA ticketing platform on Friday temporarily blocked user access after detecting what it described as a potential cross-site scripting (XSS) attack attempt.

Several users trying to complete their transactions were met with an error screen displaying the message: “An XSS attack attempt has been detected. Close this screen and return to the store.” The warning appeared just as users approached the final stages of the ticket purchase process.

XSS attacks typically occur when malicious code is injected into a trusted website, potentially compromising user data or the integrity of a platform. FIFA’s system appears to have triggered an automated security response designed to protect both the platform and its users.

Although the message indicated no breach, the alert prevented further access, requiring users to return to the ticketing home page. It remains unclear whether the disruption was triggered by an actual threat, a false alarm, or a technical glitch within the system’s security filters.

There has been no official statement from FIFA yet on the cause of the interruption or whether affected users will need to repeat their purchase process.