I'm going to assume the admins here all have 2FA on their accounts, right? in c/meta@lemmy.ml

[-] cpp@sh.itjust.works 8 points 1 year ago

Are you thinking of NoScript? That's what gives me the XSS popups.

permalink
fedilink
source
context

I'm going to assume the admins here all have 2FA on their accounts, right? in c/meta@lemmy.ml

[-] cpp@sh.itjust.works 4 points 1 year ago

uBlock prevents XSS? I didn't know that.

permalink
fedilink
source
context

I'm going to assume the admins here all have 2FA on their accounts, right? in c/meta@lemmy.ml

[-] cpp@sh.itjust.works 8 points 1 year ago

It doesn't matter if they are directly stealing cookies though.

permalink
fedilink
source
context

*Permanently Deleted* in c/lemmy@lemmy.ml

[-] cpp@sh.itjust.works -3 points 1 year ago

This seems like a really basic vulnerability that whoever wrote the code to do that probably should have been aware of. It concerns be about the security of the rest of Lemmy if they're making such basic errors.

permalink
fedilink
source
context

cpp

joined 1 year ago