@Teppic Yea, so for the folks who are thinking what is going on. I was checking whether Kbin is correctly escaping HTML/JS code from the body content when posting a thread or post. If this code create a button on your kbin instance with a pop-up alert, you should really upgrade your kbin instance indeed. As you stated correctly, this is very innocent code can’t do any harm. However, if you are very handy you could do all kind of HTML or JS injection into this site. Without people / users even noticing.
@Teppic Yea, so for the folks who are thinking what is going on. I was checking whether Kbin is correctly escaping HTML/JS code from the body content when posting a thread or post. If this code create a button on your kbin instance with a pop-up alert, you should really upgrade your kbin instance indeed. As you stated correctly, this is very innocent code can’t do any harm. However, if you are very handy you could do all kind of HTML or JS injection into this site. Without people / users even noticing.