this post was submitted on 20 May 2025
59 points (100.0% liked)

technology

23815 readers
453 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] homhom9000@hexbear.net 18 points 2 weeks ago (5 children)
[–] AernaLingus@hexbear.net 27 points 2 weeks ago* (last edited 2 weeks ago) (4 children)

May 18: I published details about the TeleMessage server's vulnerability in WIRED. TLDR: if anyone on the internet loaded the URL archive.telemessage.com/management/heapdump, they would download a Java heap dump from TeleMessage's archive server, containing plaintext chat logs, among other things.

Lmfao, absolute clown fiesta.

[–] homhom9000@hexbear.net 23 points 2 weeks ago (1 children)

Funniest thing I've read. Like no way it was that easy.

[–] 4am@lemm.ee 16 points 2 weeks ago

Yup, apparently it’s a debug mode in Spring Boot that they just left on in production.

Who’s ass was using that old tech for this stack anyway and being like “oh this is just as secure but with logging!”

Guys it’s almost as if these old fascist pieces of shit didn’t grow up with tech at all

load more comments (2 replies)
load more comments (2 replies)