I’m still not entirely sure how all this magic works but would I be correct to assume it’s only thread data that’s transfered across the fediverse? And because Kbin is Kbin, it shouldn’t have the exploit the Lemmy software has right?

Appologies if this seems stupid - it’s a genuine question

  • fiat_lux
    link
    fedilink
    91 year ago

    Yes and no. XSS vulnerabilities are a plentiful problem when there’s user generated content and many developers. But this specific exploit targetted the markdown renderer interacting with custom emoji, which I don’t think is a feature kbin has?