FWIW, right now it seems unlikely that your password was accessible to anyone. Your login cookie may have been taken if you accessed Lemmy on a web browser (apps are likely fine), so you would want to clear your Lemmy cookies and cache once this is over.
But I’m speculating, and changing your password is never a bad idea!
What do you mean? Is there something that us normal users can do to mitigate this? Or do we just hope that the devs and admins resolve this?
Removed by mod
Thanks for the explanation.
I’ve already made the decision earlier to change my passwords (on all my accounts on different instances) after this has been resolved.
FWIW, right now it seems unlikely that your password was accessible to anyone. Your login cookie may have been taken if you accessed Lemmy on a web browser (apps are likely fine), so you would want to clear your Lemmy cookies and cache once this is over.
But I’m speculating, and changing your password is never a bad idea!
Thanks!
Fighting the urge to clear my cookies and cache right now, lol!
Looks like it could be some kind of markdown parser injection, where they manage to forcefully close the HTML src property and enter their own