Ask HN: Is Lemmy Suffering an Exploit?
Lemmy might be suffering from an XSS attack [1]. It looks like a few major groups are impacted [2] [3] [4]. It seems odd for them to all suffer admin credentials leaking at the same time.
[1] https://lemmy.ml/post/1896249
[2] https://beehaw.org
[3] https://lemmy.blahaj.zone/
[4] https://lemmy.world/
7 comments
[ 5.3 ms ] story [ 31.0 ms ] threadOne commenter mentions http cookies are used in lemmy. Not familiar with code base so I can’t confirm. So if true then this attack shouldn’t have caused such a widespread outage.
Something else might be going on