Mlmym bug that allows for 302 redirect hijacking - Now fixed in v0.0.40
![](https://lemmy.ca/pictrs/image/5c3eb492-892d-401a-97b5-5b020368d08b.jpeg)
![](https://lemmy.ml/pictrs/image/1f910de9-62b5-43a9-8c93-94821c945577.png)
![/link endpoint allows redirection to any arbitrary URL · Issue #101 · rystaf/mlmym](https://lemmy.ca/pictrs/image/ce68584d-6862-401f-95ca-a71ec8cc499f.png?format=jpg&thumbnail=256)
github.com
Heads up for anyone running mlmym on their instance, your site is probably being used for google SEO manipulation: https://github.com/rystaf/mlmym/issues/101
If you're running an old version, update to v0.0.40!
Cheers, I just started dropping connections to
/link
as well, as a result.Edit: Looks like it was quickly fixed and released in 0.0.40, very cool.
This is now fixed in v0.0.40, go update!