2 matches found
CVE-2023-24812 SQL injection of notes/search-by-tag
Misskey is an open source, decentralized social media platform. In versions prior to 13.3.3 SQL injection is possible due to insufficient parameter validation in the note search API by tag notes/search-by-tag. This has been fixed in version 13.3.3. Users are advised to upgrade. Users unable to...
CVE-2023-24812
Misskey (open source, decentralized social media platform) has a SQL injection vulnerability in versions prior to 13.3.3 caused by insufficient parameter validation in the note search API (notes/search-by-tag). The issue is fixed in version 13.3.3. Recommendation: upgrade to 13.3.3 or later. If u...