2 matches found
CVE-2024-29026
Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. In versions 0.1.2 and prior, a lenient CORS policy allows attackers to make a cross origin request, reading privileged information. This can be used to leak the admin password. Commit...
CVE-2024-29026
Owncast (github.com/owncast/owncast) is affected by CVE-2024-29026 due to a lenient CORS policy in versions 0.1.2 and earlier, allowing cross-origin requests to read privileged information and potentially leak the admin password. The root cause is improper cross-origin access control, as describe...