cross-posted from: https://programming.dev/post/551085
Security advisorys: https://github.com/mastodon/mastodon/security
You must log in or register to comment.
Here is an alternative Piped link(s): https://piped.video/watch?v=3KCyhltnz7w
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source, check me out at GitHub.
For anybody wondering what the Mastodon security issue is - CVE-2023-36460, you can send a toot which makes a webshell on instances that process said toot. #CVE202336460 #TootRoot
hopefully more detailed analysis will come
