From @MentalOutlaw:

In this video I discuss the recent security updates to Mastodon to fix critical security vulnerabilities that allowed for cross-site scripting through oEmbed preview cards (CVE-2023-36459) and arbitrary file creation through media attachments (CVE-2023-36460, AKA TootRoot). Make sure the Mastodon instance you're using is on version 4.1.3 or later.

https://odysee.com/@AlphaNerd:8/mastodon-had-a-critical-security:5?r=5dSbLhamtNqgjc7Tj7jf54M4v1DZjbTD

#mastodon #fediverse #admin #cve #cve202336459 #cve202336460 #patch
