CVE-2023-46480

EPSS 1.5%

OwnCast remote code execution vulnerability

發布日:2023/11/28修改日:2023/11/28

描述

An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function.

受影響套件(1)

Go/github.com/owncast/owncastfrom 0, <= 0.1.1

參考連結(3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-46480
PATCHhttps://github.com/owncast/owncast
WEBhttps://github.com/shahzaibak96/CVE-2023-46480