147

Are they just an issue with wefwef or trying to use an exploit

you are viewing a single comment's thread
view the rest of the comments
[-] Tartas1995@discuss.tchncs.de 4 points 1 year ago

I don't know what Lemmy uses tbh. I don't even know if the code would work when run. Like i don't know e.g. if they grab the username(?) correctly. I just understand their intentions but yeah their execution might be horrible.

[-] erre@feddit.win 5 points 1 year ago

I'd be willing to bet they're using the API to make all the changes. The cookie has the jwt token. I don't believe you need the username (at least judging by the js API docs).

[-] Tartas1995@discuss.tchncs.de 2 points 1 year ago

Someone said they think it is to know if the user is admin. I haven't verify it. And I tried to make clear that username was a guess.

this post was submitted on 10 Jul 2023
147 points (96.8% liked)

Asklemmy

43950 readers
835 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS