ruffsl@programming.dev to

Programming@programming.devEnglish · 1 year ago

TootRoot | Mastodon had a Critical Security Vulnerability

1

cross-posted to:
fediverse@lemmy.world

16

TootRoot | Mastodon had a Critical Security Vulnerability

ruffsl@programming.dev to

Programming@programming.devEnglish · 1 year ago

1

cross-posted to:
fediverse@lemmy.world

Mastodon had a Critical Security Vulnerability

In this video I discuss the recent security updates to Mastodon to fix critical security vulnerabilities that allowed for cross site scripting through oEmbed...

cross-posted from: https://programming.dev/post/551085

Security advisorys: https://github.com/mastodon/mastodon/security

You must log in or register to comment.

Chat

ruffsl@programming.devOP
link
fedilink
English
arrow-up
5·
1 year ago
For anybody wondering what the Mastodon security issue is - CVE-2023-36460, you can send a toot which makes a webshell on instances that process said toot. #CVE202336460 #TootRoot

https://cyberplace.social/@GossiTheDog/110667416012211236

Programming@programming.dev

programming@programming.dev

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !programming@programming.dev

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person’s post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

Follow the programming.dev instance rules
Keep content related to programming in some way
If you’re posting long videos try to add in some form of tldr for those who don’t want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

community_visibility: public

public_blurb

279 users / day
865 users / week
2.64K users / month
9.07K users / 6 months
number_of_local_subscribers
17.4K subscribers
1.73K Posts
27.1K Comments
Modlog