this post was submitted on 10 Jul 2023
23 points (100.0% liked)

Community Meta Discussion

727 readers
2 users here now

founded 2 years ago
MODERATORS
 

See post for details, but a quick tl;dr:

Malicious actors were able to inject code using a XSS (cross site scripting) attack and steal JWT tokens for users. Any user who had their token compromised has potentially had their password and email address compromised.

This only applies to instances that have local custom emojis. Posts with custom emojis that are federated in from a remote server are not affected.

We currently have no custom emojis, so if your account is here on TTRPG.network, your account is safe.

If your account is remote to an affected server, i would recommend changing your password asap

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here