Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832)

Five days after Mastodon developers pushed out fixes for a remotely exploitable account takeover vulnerability (CVE-2024-23832), over 66% of Mastodon servers out there have been upgraded to close the hole. About Mastodon Mastodon is open-source (server) software for running self-hosted social networking services within the wider Fediverse. The Fediverse is powered by the ActivityPub social networking protocol and consists of many social networks powered by different software. Unlike other social media networks, the Fediverse is … More →

The post …

account account hijacking account takeover critical cve developers don't miss fediverse fixes flaw hot stuff mastodon networking patch running security update server servers services social social media social networking software takeover vulnerability