描述
Lack of validation of origin in federation API in Conduit, allowing any remote server to impersonate any user from any server in most EDUs
AI分析AI驱动
受影响产品
conduitconduit
参考资料
- https://conduit.rs/changelog/#v0-8-0-2024-06-12Release Notes
- https://gitlab.com/famedly/conduit/-/releases/v0.8.0Release Notes
- https://conduit.rs/changelog/#v0-8-0-2024-06-12Release Notes
- https://gitlab.com/famedly/conduit/-/releases/v0.8.0Release Notes