We have little information currently, but we may at least lock the site down for preemptive safety reasons. There seems to be a serious XSS vulnerability within Lemmy’s code. We have disabled community creation temporarily and are contemplating taking the site down temporarily as well. Please find us below and stay safe, y’all.
https://mastodon.world/@lemmynsfw https://matrix.to/#/#lemmynsfw:matrix.org
Thanks for the heads up! Sounds serious. Keeping fingers crossed that it will get fixed quickly.
Good luck. The real problem is that bugs like this in your code that lead to easy XSS script loads like this tend to point to a bigger problem.
I agree. There needs to be an audit of Lemmy’s entire source.