CVE-2024-6301
5.3MEDIUMLack of validation of origin in federation API in Conduit, allowing any remote server to impersonate any user from any server in most EDUs
Publicado: 6/25/2024Actualizado: 11/21/2024
Descripción
Lack of validation of origin in federation API in Conduit, allowing any remote server to impersonate any user from any server in most EDUs
Análisis IAImpulsado por IA
Productos Afectados
conduitconduit
Referencias
- https://conduit.rs/changelog/#v0-8-0-2024-06-12Release Notes
- https://gitlab.com/famedly/conduit/-/releases/v0.8.0Release Notes
- https://conduit.rs/changelog/#v0-8-0-2024-06-12Release Notes
- https://gitlab.com/famedly/conduit/-/releases/v0.8.0Release Notes