Lemmy.world and some other sites are currently compromised. I just wanted to check the security arrangements here at Feddit to make sure we are not also vulnerable?

You are viewing a single thread.
View all comments
1 point

Compromised how?

permalink
report
reply
5 points

It is about this XSS vuln.: #1895

permalink
report
parent
reply
2 points
Deleted by creator
permalink
report
parent
reply
3 points

Quote from r/lemmy

Lemmy.world has clearly been compromised in some way. I’m able to go to lemmy.world, but the heading has changed, it says “Israel” and there’s some other choice language. I can click a link or two, then it reloads as a chaturbate video or video of a blowjob and a trio of senior gentlemen “getting jiggy.”

Anyone else seeing this? Any ideas about what’s going on? Is this some kind of retaliation over the whole Threads thing?


This issue appears to have been resolved. It seems the mod account MichelleG was hacked or compromised and some mischief in the form of XXS injection/Javascript redirection and whatever else has been perpetrated.

Latest mod log entry shows the compromised mod account has been removed and the lemmy.world instance seems to be back and as it should be.

Edit: oh, well as of one minute ago, it appears Lemmy is compromised again.

Edit 2: Lemmy.world is down, presumably as admins continue to work toward resolving the issue for good. Could be some time differences/admins with different permissions or technical knowledge being asleep to consider as well.

Edit 3: it’s 1AM EST, and Lemmy.World is working for me.

permalink
report
parent
reply

Feddit UK

!feddituk@feddit.uk

Create post

Community for the Feddit UK instance.
A place to log issues, and for the admins to communicate with everyone.

Community stats

  • 1

    Monthly active users

  • 122

    Posts

  • 1.6K

    Comments