Gamingodcat

joined 1 year ago
[–] [email protected] 32 points 1 year ago* (last edited 1 year ago) (4 children)

This has nothing to do with XSS, it is a simple HTML injection vulnerability, and it can only be exploited by instance admins.

Also Lemmy.world appears to have been running a custom frontend so it’s hard to say how widespread the affects of this are.