Vulnerabilities

CVE-2023-49095

by Fred · 30/11/2023

nexkey is a microblogging platform. Insufficient validation of ActivityPub requests received in inbox could allow any user to impersonate another user in certain circumstances. This issue has been patched in version 12.122.2.

Date published : 2023-11-30

https://github.com/nexryai/nexkey/commit/b96da0eac5a1e75abba94cf926f1251842829bab

https://github.com/nexryai/nexkey/security/advisories/GHSA-fpxw-rw9v-2gmx

Similar

Tags: Cybersecurity Alert