#Mastodon has disclosed a critical security #vulnerability that enables malicious actors to impersonate and take over any account "due to insufficient origin validation". Tracked as CVE-2024-23832 the details of the flaw are withheld until Feb15th, 2024:
https://thehackernews.com/2024/02/mastodon-vulnerability-allows-hackers.html
Sam Stepanyan :verified: 🐘 /
npub18d…rltg5
2024-02-03 10:10:15
Author Public Key
npub18d0arwv295u03fd825dvn5eharfx25rtrkemffxnar9dzn82drtssrltg5Published at
2024-02-03 10:10:15Event JSON
{
"id": "7bea4e17a5995d06fb83588cc01131afa17b6c86acef35e28c410a587056942c",
"pubkey": "3b5fd1b98a2d38f8a5a7551ac9d337e8d265506b1db3b4a4d3e8cad14cea68d7",
"created_at": 1706955015,
"kind": 1,
"tags": [
[
"t",
"mastodon"
],
[
"t",
"vulnerability"
],
[
"proxy",
"https://infosec.exchange/users/securestep9/statuses/111867003899330181",
"activitypub"
]
],
"content": "#Mastodon has disclosed a critical security #vulnerability that enables malicious actors to impersonate and take over any account \"due to insufficient origin validation\". Tracked as CVE-2024-23832 the details of the flaw are withheld until Feb15th, 2024:\n\nhttps://thehackernews.com/2024/02/mastodon-vulnerability-allows-hackers.html",
"sig": "d5032068515e17e61d39433f37bfeec95190a9c325387b234c5827f49869bc3c58173cbe954c8cf8fe15b898a48192c394b522845f2ff3b26ce3fdd097c8f180"
}