For those using Private message on Lemmy, there is a major vulnerability. It
seems that this instance still runs 18.5 I know that our beloved admins are
volunteers and busy, so I don’t blame them for not updating, but while waiting
for the update be aware that your PM are as public as your comments
We’re running the latest Lemmy version (0.19.2) and are not affected by this. Even if we were, there’s nobody here to try this exploit. If anyone did, it would be very obvious to Alice and I since we’d get spammed with fishy looking reports. All of this is moot though, since we are not affected to begin with.
“you’re just saying this so you can read our messages!” lol
> imagine thinking “private” messages are actually even all that private
btw the platform does warn private messages aren’t private next to the PM box, and suggests sending encrypted messages on Element / Matrix instead if they want private encrypted messages
🤣
Yeah, I mean the only real difference between private messages here and private messages on, say, Reddit, is that Lemmy warns you about them being rather unsafe.