MalwareLab on Nostr: Critical #vulnerability in #Mastodon. Attackers can impersonate and take over any ...
Critical #vulnerability in #Mastodon. Attackers can impersonate and take over any remote account. Users cannot do anything, this issue mast be solved by admins of Mastodon instances. And they should update their instances as soon as possible, on 2024-02-15 more details about vulnerability will be published.
However, this announcement means that attackers will focus their research to origin validation in Mastodon. So, we can expect exploitation attempts soon. And in two weeks, provided with details from updated announcement, it will be very easy to come up with an exploit, as announcement said.
https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw
However, this announcement means that attackers will focus their research to origin validation in Mastodon. So, we can expect exploitation attempts soon. And in two weeks, provided with details from updated announcement, it will be very easy to come up with an exploit, as announcement said.
https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw