G59@lemmy.ml to Fediverse@lemmy.mlEnglish · edit-21 year agoPSA: Lemmy.world has been compromised!message-squaremessage-square207fedilinkarrow-up1348file-text
arrow-up1348message-squarePSA: Lemmy.world has been compromised!G59@lemmy.ml to Fediverse@lemmy.mlEnglish · edit-21 year agomessage-square207fedilinkfile-text
minus-squareredcalcium@c.calciumlabs.comlinkfedilinkEnglisharrow-up4·1 year agoXSS is a blanket term for vulnerabilities that allows attackers to inject client-side scripts. Looks like someone is already identified and submitted a pull request that contain a fix: https://github.com/LemmyNet/lemmy-ui/pull/1897/files
minus-squarebarsoap@lemm.eelinkfedilinkEnglisharrow-up1·1 year agoAaaargh yeah using typescript doesn’t do jack when your API is stringly-typed. This erm wouldn’t have happened on the backend.
XSS is a blanket term for vulnerabilities that allows attackers to inject client-side scripts. Looks like someone is already identified and submitted a pull request that contain a fix: https://github.com/LemmyNet/lemmy-ui/pull/1897/files
Aaaargh yeah using typescript doesn’t do jack when your API is stringly-typed. This erm wouldn’t have happened on the backend.