this post was submitted on 10 Jul 2023
15 points (100.0% liked)

Moving to: m/AskMbin!

235 readers
6 users here now

### We are moving! **Join us in our new journey as we take a new direction towards the future for this community at mbin, find our new community here and read this post to know more about why we are moving. Thank you and we hope to see you there!**

founded 1 year ago
15
Do we have anything to be concerned with from the Lemmy compromise? (kbin.social)
submitted 1 year ago by [email protected] to c/[email protected]
5 comments fedilink hide all child comments
 

I'm still not entirely sure how all this magic works but would I be correct to assume it's only thread data that's transfered across the fediverse? And because Kbin is Kbin, it shouldn't have the exploit the Lemmy software has right?

Appologies if this seems stupid - it's a genuine question

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 9 points 1 year ago

Yes and no. XSS vulnerabilities are a plentiful problem when there's user generated content and many developers. But this specific exploit targetted the markdown renderer interacting with custom emoji, which I don't think is a feature kbin has?