Comment on Temporarily Logged As Another User - Potential Security Issue?
AlmightySnoo@lemmy.world 11 months ago
Happened to me too once, I saw a completely different username in the top bar, then it quickly reverted to my username once I clicked somewhere else. I thought it was just a glitch at the time as the instance was very buggy, that was before this instance updated to a 0.18.1 rc I think. Never happened again since then and I don’t know how to reproduce it.
TauZero@mander.xyz 11 months ago
The random user switching had been happening occasionally until some update a month ago, something to do with stale websockets. Never heard of anyone successfully exploiting it, like making posts or seeing PMs. All you get is to see someone else’s username. OP, if it happens to you again, try to make a post quickly before the session throws you out to prove whether it is a security risk!