CVE-2023-25154
- EPSS 0.54%
- Veröffentlicht 22.02.2023 19:15:11
- Zuletzt bearbeitet 21.11.2024 07:49:12
Misskey is an open source, decentralized social media platform. In versions prior to 13.5.0 the link to the instance to the sender that appears when viewing a user or note received through ActivityPub is not properly validated, so by inserting a URL ...
CVE-2021-39195
- EPSS 0.24%
- Veröffentlicht 07.09.2021 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:18:51
Misskey is an open source, decentralized microblogging platform. In affected versions a Server-Side Request Forgery vulnerability exists in "Upload from URL" and remote attachment handling. This could result in the disclosure of non-public informatio...
CVE-2021-39169
- EPSS 0.32%
- Veröffentlicht 27.08.2021 13:15:07
- Zuletzt bearbeitet 21.11.2024 06:18:46
Misskey is a decentralized microblogging platform. In versions of Misskey prior to 12.51.0, malicious actors can use the web client built-in dialog to display a malicious string, leading to cross-site scripting (XSS). XSS could compromise the API req...
CVE-2019-1020010
- EPSS 0.39%
- Veröffentlicht 29.07.2019 13:15:11
- Zuletzt bearbeitet 21.11.2024 04:18:11
Misskey before 10.102.4 allows hijacking a user's token.