076萌SNS
  • Login

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. Emelia 👸🏻 (thisismissem@hachyderm.io)'s status on Friday, 16-Feb-2024 07:13:47 JST Emelia 👸🏻 Emelia 👸🏻

    Wowzers, that Mastodon CVE recently was quite something:

    • You can inject a post that is attributed to any remote user
    • You can overwrite the server's copy of any remote user
    • You can rekey the server's copy of any remote user, by just listing another key

    The full technical write up is worth a read: https://arcanican.is/excerpts/cve-2024-23832/discovery.htm

    In conversation about 9 months ago from hachyderm.io permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      Remote User Impersonation and Takeover via Cache Poisoning
    • matrix07012 :thotpatrol: :cunnyEmpire: likes this.

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

076萌SNS is a social network, courtesy of 076. It runs on GNU social, version 2.0.2-beta0, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All 076萌SNS content and data are available under the Creative Commons Attribution 3.0 license.