• canpolat@programming.dev
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      To be honest, I cannot be sure that session invalidation actually worked. I could use the session from the day before as well. But the vulnerability was in lemmy-ui, and people not using the web site directly should be fine, I guess. If you want to be on the safe side, you can log out and log back in. It takes only a few seconds.