From @MentalOutlaw:

In this video I discuss the recent security updates to Mastodon to fix critical security vulnerabilities that allowed for cross-site scripting through oEmbed preview cards (CVE-2023-36459) and arbitrary file creation through media attachments (CVE-2023-36460, AKA TootRoot). Make sure the Mastodon instance you're using is on version 4.1.3 or later.

https://odysee.com/@AlphaNerd:8/mastodon-had-a-critical-security:5?r=5dSbLhamtNqgjc7Tj7jf54M4v1DZjbTD

#mastodon #fediverse #admin #cve #cve202336459 #cve202336460 #patch

Mastodon had a Critical Security Vulnerability

Odysee

#mastodon #Fediverse #mastoadmin

Make sure your server is on version 4.1.3+

Critical CVE Found #cve202336459 also known as #tootRoot

https://www.youtube.com/watch?v=3KCyhltnz7w

Unraveling the TootRoot Bug: A Deep Dive into the Critical Vulnerability Impacting Mastodon Servers - privacypriority.in

Mastodon, a decentralized social networking platform that is open-source and free, has recently addressed four security flaws, one of which is of critical severity and could allow cybercriminals to generate arbitrary files on the server through specially designed media files.
