Lemmy accounts can be compromised through custom emojis
Lemmy accounts can be compromised through custom emojis
lemm.ee Recap of the Lemmy XSS incident & steps for mitigation - lemm.ee
# UPDATE: The latest RC version of Lemmy-ui (0.18.2-rc.2) contains fixes for the issue, but if you believe you were vulnerable, you should still rotate your JWT secret after upgrading! Read below for instructions. Removing custom emoji is no longer necessary after upgrading. Original post follows: -...
Not sure if compuverse.uk has some of these, but to make sure here is the news and how to mitigate it.
0 comments