An inability to decode the character in a user’s post, leading to HTTP 500 response.

In particular it looks like its coming from whatever code is processing the markdown, will attempt to decode the html entities contained and when that fails, crash. Its a bit of an interesting area because the ability to abuse this for censorship is definitely present. Though its also a pretty loud error, so if it were attacked in the wild it probably wouldn’t last too long.

As an attack though, these sorts of character encoding issues are somewhat interesting to see popup. Some languages like Python really don’t like dealing with unexpected characters and its easy to miss all the places text gets handled so they can crop up in some high impact locations.