I appreciate the transparency. Hopefully with more eyes on the source code hacks like this will not happen again.
this post was submitted on 10 Jul 2023
2929 points (99.3% liked)
Lemmy.World Announcements
29079 readers
242 users here now
This Community is intended for posts about the Lemmy.world server by the admins.
Follow us for server news ๐
Outages ๐ฅ
https://status.lemmy.world/
For support with issues at Lemmy.world, go to the Lemmy.world Support community.
Support e-mail
Any support requests are best sent to info@lemmy.world e-mail.
Report contact
- DM https://lemmy.world/u/lwreport
- Email report@lemmy.world (PGP Supported)
Donations ๐
If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.
If you can, please use / switch to Ko-Fi, it has the lowest fees for us
Join the team
founded 2 years ago
MODERATORS
Well done on acting on it so quickly. I think I did see some of the fake announcements you were referring too but were taken down very quickly. Keep up the good work team and thanks for everything you are doing!
Is this why I had to sign in and out of my account on liftoff?
I couldn't comment untill I did that. There may be others!
load more comments
(1 replies)
******* This happened to me, one of my posts had it's photo deleted (I didn't delete it), then when I replaced it, the next time I checked the entire post had been deleted.
I lost some of my post history. Is there a data issue that's come from this? Why are my comments gone?
load more comments
(2 replies)
is that why I can't log into my lemmy.world account?
ok not a problem anymore. seems like I just had to clear my cache and it let me log in
Is a password change advised? How does the JWT cookie and exploit effect apps eg Jerboa?
load more comments
(1 replies)
Thanks to everyone involved for the quick response ๐
Is there a rough time range when it happened? and any news about other big instances like lemmy.ml? Are those safe? Currently they are not on the same version as lemmy.world.
load more comments
(1 replies)
How are you preventing it to happen again until a patch is released from devs?
load more comments
(1 replies)
Amazing how you quickly reacted to this!! Bravo!!
TIP: if you can't login after what happened, clear out your browser cache including ALL cookies, that fixes it (it did for me at least). I believe it's also advisable to change lemmy password.
As someone in EU I didn't even realized there was an issue. Well done and great reaction time! Also thank you for the transparency ๐
I can't log into my account anymore, this one is a new one I've just made. I tried to reset my password but nothing came in the mailbox. I can still see comments and posts from that account though.
It's this one:
And I don't know why but I can't save the profile pic for this account.
Edit: Nvm, I use another email to sign up for Lemmy and forgot about it
You need to delete all cookies for lemmy.world in your browser, then log in again.
load more comments
(1 replies)
Maybe there needs to be a quick rundown how to actually log out and in on clients, seems you can't with jerboa without just wiping the app, and wefwef, you need to delete all accounts.
I see some instances are throwing server errors
Thanks.
Is this why I can't log in on Chrome? I switched to Firefox and it worked.
load more comments
(1 replies)
Great job everyone! Keep it up! Love the transparency!
I see you, Imposter.