4 matches found
BIT-MASTODON-2025-62174 Mastodon allows continued access after password reset via CLI
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...
CVE-2025-62174
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...
CVE-2025-62174 Mastodon allows continued access after password reset via CLI
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...
PT-2025-41807
Name of the Vulnerable Software and Affected Versions Mastodon versions prior to 4.2.27 Mastodon versions prior to 4.3.14 Mastodon versions prior to 4.4.6 Description Mastodon is a free, open-source social network server based on ActivityPub. When an administrator resets a user account’s password...