An XSS security vulnerability was discovered and fixed today. The site was offline for about 1 hour while we worked on the issue.
We do not see any evidence of any account having been compromised by this security bug, but if anyone notices any strange activity on their account, please let us know asap.
Although it appears only a single moderator account was targeted by an attack using the exploit, all users have been forced to log in again. Anyone having trouble logging in should contact us at firstname.lastname@example.org
Thankfully the use of this exploit was stopped by the various other security layers we have in place, and no attacks using the exploit have succeeded as far as we know.
5 years, 4 months ago
23 Jun 2013 05:15 CEST