Owncast is an open source, self-hosted live video streaming and chat server. In affected versions inline scripts are executed when Javascript is parsed via a paste action. This issue is patched in 0.0.9 by blocking unsafe-inline Content Security Policy and specifying the script-src. The worker-src ...
8.2CVSS
6AI Score
0.001EPSS
9.8CVSS
9.8AI Score
0.002EPSS
Server-Side Request Forgery (SSRF) in GitHub repository owncast/owncast prior to 0.1.0.
6.5CVSS
6.8AI Score
0.001EPSS
An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function.
9.8CVSS
9.5AI Score
0.002EPSS