Are they just an issue with wefwef or trying to use an exploit

  • I don’t know what Lemmy uses tbh. I don’t even know if the code would work when run. Like i don’t know e.g. if they grab the username(?) correctly. I just understand their intentions but yeah their execution might be horrible.

    • 𝙚𝙧𝙧𝙚
      link
      fedilink
      41 year ago

      I’d be willing to bet they’re using the API to make all the changes. The cookie has the jwt token. I don’t believe you need the username (at least judging by the js API docs).