CVE-2023-46480

EPSS 1.5%

OwnCast remote code execution vulnerability

Published: 11/28/2023Modified: 11/28/2023

Description

An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function.

Affected packages (1)

Go/github.com/owncast/owncastfrom 0, <= 0.1.1

References (3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-46480
PATCHhttps://github.com/owncast/owncast
WEBhttps://github.com/shahzaibak96/CVE-2023-46480