Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover

github.com

cross-posted to:
fediverse@lemmy.world

Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover

github.com

Arthur Besse@lemmy.ml to

Fediverse@lemmy.mlEnglish · 10 months ago

cross-posted to:
fediverse@lemmy.world

Remote user impersonation and takeover

github.com

### Summary Due to a gap in validation of federated content in the affected Mastodon versions, attackers can craft payloads that impersonate remote ActivityPub actors (federated accounts) as-see...

You must log in or # to comment.

Chat