πŸ…ΊπŸ…ΈπŸ…Ό πŸ†‚πŸ…²πŸ…·πŸ†„πŸ…»πŸ†‰:~$ β–“Feb 1, 2024
har du din egen mastodon instans, sΓ₯ er det tid til at opgradere NU! der er fundet et hul der giver mulighed for account takeover:
https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw
(@jippi, @kramse, @maiathecyberwitch, @valberg ...)
#vulnerability #mastodon #instansadmin #admin #dansketoot #spreadtheword
Remote user impersonation and takeover

### Summary Due to a gap in validation of federated content in the affected Mastodon versions, attackers can craft payloads that impersonate remote ActivityPub actors (federated accounts) as-see...

GitHub