User blog comment:MisterWoodhouse/The first specifics on the Unified Community Platform/@comment-5558012-20191016185939/@comment-27345308-20191016192834

MisterWoodhouse, the problem here is that no feature on, other than the source editor, take into account the very nature of MediaWiki CSRF protection mechanism known as edit tokens. Comments, Message Walls, Forum, and basically any feature that isn't a part of standard MediaWiki, after the page is left open for long enough, errors out when actions that modify the database are done on it (such as, in this case, posting a comment), because the user's edit token expired by then and nothing is done to re-fetch these edit tokens.

The mentioned "session hijacking" is a warning that there might have been a CSRF attack occurring when in reality it's just the comments feature trying to post content to the server with an outdated edit token, as it has been doing since its creation. It has nothing to do with ads/malware.