CVE-2024-29026
Published
CVSS v3
8.2
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. In versions 0.1.2 and prior, a lenient CORS policy allows attackers to make a cross origin request, reading privileged information. This can be used to leak the admin password. Commit 9215d9ba0f29d62201d3feea9e77dcd274581624 fixes this issue.
Take control over your live stream video by running it yourself. Streaming + chat out of the box.
GitHub