this post was submitted on 10 Jul 2023
3 points (100.0% liked)

/kbin meta

4 readers
1 users here now

Magazine dedicated to discussions about the kbin itself. Provide feedback, ask questions, suggest improvements, and engage in conversations related to the platform organization, policies, features, and community dynamics. ---- * Roadmap 2023 * m/kbinDevlog * m/kbinDesign

founded 1 year ago
3
Is kbin vulnerable to the same kind of Javascript insertion attack as Lemmy was recently? (kbin.social)
submitted 1 year ago by ZILtoid1991@kbin.social to c/kbinMeta@kbin.social
1 comments fedilink hide all child comments
 

Is kbin vulnerable to the same kind of Javascript insertion attack as Lemmy was recently?

#kbinMeta

top 1 comments
sorted by: hot top controversial new old
[–] Chozo@kbin.social 3 points 1 year ago

@ZILtoid1991 I don't believe so. The exploit involved stealing cookies via the renderer used for custom emojis, which not every Lemmy instance has. I don't believe Kbin has any such features in place, so while it's possible for the exploit to still somehow happen here, it wouldn't be in the exact same way, at the very least.