Earlier yesterday we were made aware of an issue about an XSS vulnerability on some JS Challenges.
We have fixed this in production.
As a side effect, the sharing code URLs from profile, and viewing solutions from profiles is disabled.
This is side effect is temporary and is already handled more elegantly in the beta.
We will soon be adding a more clear warning notice on the profile page, for clarification.
Note: none of the progress is lost, and all submitted solutions are safe in the user’s profiles, except we are temporarily limiting the ability to view and share them.
For details you may refer https://github.com/freeCodeCamp/freeCodeCamp/issues/16510
- This only affects viewing solutions from user profiles, view solution link or any link that is shared to you.
- Your solution will be loaded from a local storage copy, if its available there. Meaning, as long as you have not changed computers or cleared you local storage / cookies, your solution will be loaded automatically from there.
We have prepared a fix, and hopefully we will have this on the main site, soon. Just wanted to let you know of our progress: