CVE-2023-46480

owncast/owncast

on github

shahzaibak96/CVE-2023-46480

on github

Published

November 27, 2023

Severity

CVSS v3:

9.8 CRITICAL

CVSS v2:

N/A

Description

An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function.

References

https://github.com/owncast/owncast
https://github.com/shahzaibak96/CVE-2023-46480

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:owncast_project:owncast:0.1.1:::::::*	n/a	n/a	0.1.1

External Links

NVD - CVE-2023-46480