Feb. 3, 2024, 6:51 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account.
"Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account," the maintainers said in a terse advisory.
The vulnerability, tracked as CVE-2024-23832, has a severity rating of 9.4 out of

account advisory attackers can critical cve decentralized flaw hackers hijack maintainers malicious malicious actors mastodon network origin security security flaw social social network validation vulnerability

Humbly Confident Security Lead

@ YNAB | Remote

Information Technology Specialist II: Information Security Engineer

@ WBCP, Inc. | Pasadena, CA.

Director of the Air Force Cyber Technical Center of Excellence (CyTCoE)

@ Air Force Institute of Technology | Dayton, OH, USA

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

Cybersecurity Subject Matter Expert

@ QinetiQ US | Washington, DC, United States

Program Cybersecurity Manage (F/M/X)

@ Alstom | Villeurbanne, FR