CVE-2024-6301 Origin Validation Error in Conduit

Lack of validation of origin in federation API in Conduit, allowing any remote server to impersonate any user from any server in most EDUs...

CVE-2024-6301 Origin Validation Error in Conduit

Lack of validation of origin in federation API in Conduit, allowing any remote server to impersonate any user from any server in most EDUs...

CVE-2024-6301

Conduit (federation API) is affected by CVE-2024-6301: lack of origin validation in the federation API allows any remote server to impersonate any user from any server in most EDUs. The vulnerability affects Conduit versions prior to 0.8.0. Root cause: insufficient validation of origin in federat...