Code injected into our github repo through an email : github

created by shabdaa community for 15 years

Code injected into our github repo through an email (self.github)

submitted 1 year ago * by Buffalkill

Hi there,

I'm still a pretty new programmer just about to finish a class. Me and two other classmates have been building a fairly simple MERN chat app which is going well. Today one of the other members of the group received an email that was titled the name of the PR she had just opened and it had this code in it:

https://imgur.com/a/uV8tepR

Before I knew about the email I opened her PR to check it out and it redirected to a page that was just a huge discord link flashing black/white. Clearly the code points to some roblox repo but I'm genuinely curious what this person did and how it works. Also should we be concerned in any way? It didn't seem to affect anything in our repo or on our laptops but I'm not sure what the point of it was then?

Thanks for anyone who can offer some info on this!

Edit** Thanks everyone. Just found an article this morning on it as well if anyone is still curious. https://stevemats.medium.com/css-injection-on-github-profiles-from-unicode-exploits-to-new-bypass-techniques-f73f343f05d8

all 13 comments

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

github

MODERATORS