gavi@lemmynsfw.comM to

Lemmy NSFW@lemmynsfw.comEnglish · 1 year ago

A serious vulnerability just discovered in lemmy is causing instances to be compromised. Please join our matrix room or follow us on mastodon for updates if we take the site down temporarily.

2

4

A serious vulnerability just discovered in lemmy is causing instances to be compromised. Please join our matrix room or follow us on mastodon for updates if we take the site down temporarily.

gavi@lemmynsfw.comM to

Lemmy NSFW@lemmynsfw.comEnglish · 1 year ago

2

We have little information currently, but we may at least lock the site down for preemptive safety reasons. There seems to be a serious XSS vulnerability within lemmys code. We have disabled community creation temporarily and are contemplating taking the site down temporarily as well. Please find us below and stay safe, ya’ll.

https://mastodon.world/@lemmynsfw https://matrix.to/#/#lemmynsfw:matrix.org

EDIT: For the time being we have disabled federation, new user sign ups, and community creation.

Chat

Crackhappy@lemmynsfw.com
link
fedilink
English
arrow-up
0·
1 year ago
Good luck. The real problem is that bugs like this in your code that lead to easy XSS script loads like this tend to point to a bigger problem.
- gavi@lemmynsfw.comOPM
  link
  fedilink
  English
  arrow-up
  1·
  1 year ago
  I agree. There needs to be an audit of lemmy entire source.

Lemmy NSFW@lemmynsfw.com

lemmynsfw@lemmynsfw.com

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !lemmynsfw@lemmynsfw.com

Community locked: only moderators can create posts. You can still comment on posts.

Updates about lemmynsfw.com

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

3 users / day
3 users / week
1 user / month
1 user / 6 months
5 local subscribers
5 subscribers
36 Posts
347 Comments
Modlog