/kbin meta

4 readers

1 users here now

Magazine dedicated to discussions about the kbin itself. Provide feedback, ask questions, suggest improvements, and engage in conversations related to the platform organization, policies, features, and community dynamics. ---- * Roadmap 2023 * m/kbinDevlog * m/kbinDesign

founded 1 year ago

Is kbin vulnerable to the same kind of Javascript insertion attack as Lemmy was recently? (kbin.social)

submitted 1 year ago by ZILtoid1991@kbin.social to c/kbinMeta@kbin.social

1 comments fedilink hide all child comments

Is kbin vulnerable to the same kind of Javascript insertion attack as Lemmy was recently?

#kbinMeta

you are viewing a single comment's thread
view the rest of the comments

[–] Chozo@kbin.social 3 points 1 year ago

@ZILtoid1991 I don't believe so. The exploit involved stealing cookies via the renderer used for custom emojis, which not every Lemmy instance has. I don't believe Kbin has any such features in place, so while it's possible for the exploit to still somehow happen here, it wouldn't be in the exact same way, at the very least.