wowow

joined 1 year ago
[–] [email protected] 2 points 1 year ago

The attackers would've been able to get the token used to login but not your password from a vulnerability with custom emoji. Lemmy.world rotated their JWT secret so all logins are invalidated and the vulnerability has been patched. Should be just fine.