Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover

github.com

cross-posted to:
[email protected]

Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover

github.com

Arthur Besse@lemmy.ml to

Fediverse@lemmy.mlEnglish · 1 year ago

cross-posted to:
[email protected]

Remote user impersonation and takeover

github.com

### Summary Due to a gap in validation of federated content in the affected Mastodon versions, attackers can craft payloads that impersonate remote ActivityPub actors (federated accounts) as-see...

You must log in or register to comment.

Chat