Sausage security hole
Jun. 12th, 2004 01:48 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
avramIf you see a post that just says:
this is very interesting.
...don’t click it! It’s an annoying and potentially dangerous hack that’ll hijack your browser post itself in your journal, and could be sending your password to someone nasty. I think it’s just a demonstration of a security hole, but avoid it anyway. Some discussion going on in![[livejournal.com profile]](https://www.dreamwidth.org/img/external/lj-community.gif)
lj_dev.
Oh, and if you did click it? Clear out your browser cache, delete your cookies, and come back to LJ and change your password.
Update: According to some discussion I’ve read, it doesn’t actually grab your password, so you may be safe if you just log out and back in, maybe clearing cookies first. I dunno. I changed my password, ’cause I was overdue for it anyway.
this is very interesting.
...don’t click it! It’s an annoying and potentially dangerous hack that’ll hijack your browser post itself in your journal, and could be sending your password to someone nasty. I think it’s just a demonstration of a security hole, but avoid it anyway. Some discussion going on in
lj_dev.Oh, and if you did click it? Clear out your browser cache, delete your cookies, and come back to LJ and change your password.
Update: According to some discussion I’ve read, it doesn’t actually grab your password, so you may be safe if you just log out and back in, maybe clearing cookies first. I dunno. I changed my password, ’cause I was overdue for it anyway.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
(no subject)
Date: 2004-06-12 06:35 pm (UTC)The only lasting effect is they may be logging the value you submit and the IP you posted from, which again could be used for nefarious purposes if they were so inclined.
(no subject)
Date: 2004-06-13 08:11 pm (UTC)