Critical Vulnerability Exploits Several Lemmy Instances
Critical Vulnerability Exploits Several Lemmy Instances
Several major Lemmy instances were hacked due to an XSS vulnerability. There's a path forward for mitigation, but here's what happened.
Admins, make sure you update to 18.2, this has already been patched:
https://join-lemmy.org/news/2023-07-11_-_Lemmy_Release_v0.18.2
Done!
Bedankt!
Luckily it was resolved quickly.
redirecting users to Lemon Party
I guess it's true; the Fediverse is bringing people back to an earlier time of the internet!
nature is healing!
Lemmy.world not really doing much here to convince Beehaw to refederate…
Not sure why Lemmy.world is to blame for this - we had the same vulnerability - everyone did. I shut down Beehaw because we had the vulnerability.
Oh, I know, but this vulnerability + their open signups…
It's like Lemmy s01e01 and we already have federation war?
It’s not much of a war. Beehaw is just waiting for better mod tools before refederating.
Beehaw.org was at war with Lemmy.world. Beehaw.org had always been at war with Lemmy.world.