Fediverse @lemmy.ml Arthur Besse @lemmy.ml 9 mo. ago

Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover

github.com Remote user impersonation and takeover

### Summary Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account. Every Mastodon version prior to 3.5.17 is vulnerable, as well as...

Fediverse @lemmy.world Otter @lemmy.ca 9 mo. ago

github.com /mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw

Security News @infosec.pub Blaze @discuss.online 9 mo. ago

Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover

github.com /mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw

Security @lemmy.ml Arthur Besse @lemmy.ml 9 mo. ago

Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover

github.com /mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw

You're viewing a single thread.

16 comments

@cypherpunks
German news:
https://www.heise.de/news/Mastodon-Diebstahl-beliebiger-Identitaeten-im-foederierten-Kurznachrichtendienst-9615961.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege
- nett hier

You've viewed 16 comments.