CVE-2024-52590
Misskey vulnerability CVE-2024-52590 is caused by missing validation in ApRequestService.signedGet, enabling an attacker to create spoofed profiles that appear to originate from another instance. Affected Misskey versions prior to 2024.11.0-alpha.3 allow impersonation of existing users on the tar...