Persistent XSS for Medium accounts
medium.comAs far as I can tell the TLDR here is: domains can have previous owners, who might have made users cache malicious pages forever.
I agree it's a concerning thing, but I must be missing something because I don't see why this is a medium-specific issue - doesn't it impact almost every website?
I think the issue with Medium is that on a conventional self-hosted domain it only puts content and users of that domain at risk. With Medium it not only puts the content at risk but any user's Medium account.