Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Owncast cross origin request
Vulnerability Description
Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. In versions 0.1.2 and prior, a lenient CORS policy allows attackers to make a cross origin request, reading privileged information. This can be used to leak the admin password. Commit 9215d9ba0f29d62201d3feea9e77dcd274581624 fixes this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Owncast 安全漏洞
Vulnerability Description
Owncast是一个开源、自托管、去中心化、单用户实时视频流和聊天服务器。 Owncast 0.1.2及之前版本存在安全漏洞,该漏洞源于宽松的CORS策略允许攻击者发出跨源请求,读取特权信息。
CVSS Information
N/A
Vulnerability Type
N/A