The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account.
« Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account, » the maintainers said in a terse advisory.
The vulnerability, tracked as CVE-2024-23832, has a severity rating of 9.4 out of
