I made a website to compare prices across regions for Nintendo Switch games. It started as a Google Spreadsheet but because of traffic I quickly had to move to a standalone website. Getting around 2M users per months now. I’m trying to keep the ads to a minimum, and I’m partnering with online stores for gift cards.
I live in Montpellier. It’s free for the whole metropole, meaning Montpellier and the 30 cities around it
I would argue this might make xz safer mid-term. So much eyes on it. I’m not familiar with other solutions, but who’s to say the bad actor won’t try a similar trick elsewhere
From the fix, I believe the custom emojis were not double checked after a user submits a post. The post data was used to display the emojis, and thus allowing injection.
The fix now is to search the emojis in the custom emojis list from the backend rather than the user post.
You can even see the decline in posts and votes before GPT became mainstream. This definitely look more like search engine failing to get rid of those cheap copycats.