Unrated severityNVD Advisory· Published Nov 29, 2023· Updated Aug 2, 2024
Misskey's missing signature validation allows arbitrary users to impersonate any remote user.
CVE-2023-49079
Description
Misskey is an open source, decentralized social media platform. Misskey's missing signature validation allows arbitrary users to impersonate any remote user. This issue has been patched in version 2023.11.1-beta.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<2023.11.1-beta.1+ 1 more
- (no CPE)range: <2023.11.1-beta.1
- (no CPE)range: < 2023.11.1-beta.1
Patches
Vulnerability mechanics
References
1- github.com/misskey-dev/misskey/security/advisories/GHSA-3f39-6537-3cgcmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.