PT-2022-16596 · Mastodon · Mastodon
Name of the Vulnerable Software and Affected Versions: Mastodon versions 1.6.0 through 3.3.2 Mastodon versions 3.4.x through 3.4.5 Description: The issue is related to incorrect access control due to the failure to compact incoming signed JSON-LD activities. JSON-LD signing has been supported sin...