this post was submitted on 01 Feb 2024
187 points (99.5% liked)

Fediverse

17677 readers
29 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 30 points 9 months ago (10 children)

This advisory will be edited with more details on 2024/02/15, when admins have been given some time to update, as we think any amount of detail would make it very easy to come up with an exploit.

But the commit to fix insufficient origin validation is already visible right there in the repo?

[–] [email protected] 31 points 9 months ago (1 children)

Without a published POC there's a slightly longer window before clueless script kiddies start having a go at exploiting the vulnerability, though.

[–] [email protected] 6 points 9 months ago (1 children)

Script kiddies aren’t the first ones to take advantage of vulns, threat actors are.

[–] [email protected] 8 points 9 months ago (1 children)

That doesn't mean you shouldn't try to contain the blast radius.

load more comments (8 replies)