Security Advisory

CVE-2024-32983

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-03 15:16:26

Last updated 2024-08-02 02:27:53

Assigner GitHub_M

State PUBLISHED

Description

Misskey is an open source, decentralized microblogging platform. Misskey doesnt perform proper normalization on the JSON structures of incoming signed ActivityPub activity objects before processing them, allowing threat actors to spoof the contents of signed activities and impersonate the authors of the original activities. This vulnerability is fixed in 2024.5.0.

← Browse all CVEs View on cve.org ↗