EDIT: If logging in is not working, try cleaning your cookies for Burggit.moe.
We are now officially patched against the exploit which was effecting us and now have registrations reopened!
Huge thanks to @[email protected] for helping us identify the exploit!
You will need to log in again as we have cleared previous authentication sessions for added security.
We did it, Burggit!
Added some mitigations for an API endpoint to stop another related exploit that @[email protected] made me aware of.
Just wanted to write thank you to everyone involved in fixing this super quick, including the people who spread awareness about this issue.
Have a nice day!
You guys always work so fast
We try to stay on top of things. @[email protected] is especially quick at getting stuff like this deployed.
Speaking of, we’re now running the official fully patched version. So I took down that mitigation which was just me returning a 403 on the vulnerable API endpoint.
Hey I can log in again! I felt so lost :(
i found you, no worries, you’re here :)
