Reddit Official App: "I am able to take mod actions on a sub I'm not a mod in." : reddit

524

Reddit Official App: "I am able to take mod actions on a sub I'm not a mod in." (lemmy.world)

submitted 1 year ago by BuckRowdy@lemmy.world to c/reddit@lemmy.ml

25 comments fedilink hide all child comments

cross-posted from: https://lemmy.world/post/1660712

The hits just keep coming.

you are viewing a single comment's thread
view the rest of the comments

[-] BaumGeist@lemmy.ml 21 points 1 year ago

Wish they had gone through with it. The app is just a front-end that sends requests to the server, presumably the server is where authentication happens (otherwise everyone could just pull up dev tools on their desktop and become insta-mods of any sub with a few tweaks). That being said, if it was a server-side bug, then they have a big problem; otherwise it's just little more than a graphical error.

[-] ryathal@sh.itjust.works 12 points 1 year ago

Broken authorization is absurdly common, especially if they involve graphQl. I wouldn't be surprised if it worked.

this post was submitted on 17 Jul 2023

524 points (99.4% liked)

13435 readers

1 users here now

founded 5 years ago

MODERATORS

norz@lemmy.ml