• redcalcium
    link
    fedilink
    English
    111 year ago

    It seems the database and the server itself is not compromised? Just an admin account that used to post a markdown XSS exploit?

    • Max-P
      link
      fedilink
      English
      191 year ago

      Pretty much, and it’s not even XSS (it’s not cross-site), it’s just plain basic HTML injection breaking out of Markdown. At least as far as I was able to find.