pull down to refresh

100 sats \ 8 replies \ @ek 1 May 2025 \ parent \ on: What would you do, if you were in the team behind SN? meta

Is this your critical report? If so, that wasn't a responsible disclosure as described in the three links I sent you.

write
preview
100 sats \ 0 replies \ @WeAreAllSatoshi 1 May 2025

And the link I shared to the security advisory page on the GH repo

reply
0 sats \ 4 replies \ @noknees 1 May 2025

you sent me 3 links? where?

reply
100 sats \ 1 reply \ @ek 1 May 2025

I replied to your report on Github.

I am still interested in the XSS vulnerability you said you found.

reply
0 sats \ 0 replies \ @noknees 1 May 2025
  1. Same https://github.com/stackernews/stacker.news/issues/2144#issuecomment-2845280638
  2. i was wrong - i thought the credits settings form was exploitable
reply
100 sats \ 1 reply \ @ek 1 May 2025
reply
0 sats \ 0 replies \ @noknees 1 May 2025

extremely sorry I didn't notice that. Will you accept the issue one or will I create a security advisory?

reply
34 sats \ 1 reply \ @WeAreAllSatoshi 1 May 2025

lol, after all that

reply
0 sats \ 0 replies \ @anon 1 May 2025

lol

reply