Most critical of the bugs allowed attackers to root federated instances.

It looks like SDF’s Mastodon instance (v4.0.2) is vulnerable, and requires patching to either 4.1.3 or 4.0.5. I don’t want to back-seat admin, but I know the SDF crew have a lot on their plate. Are they aware of this vulnerability?

EDIT: The instance has now been updated to v4.0.5!

  • CanadaPlusEnglish
    2·
    2 years ago

    I’d just like to say that that name is amazing.