Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. In versions 0.1.2 and prior, a lenient CORS policy allows attackers to make a cross origin request, reading privileged information. This can be used to leak the admin password. Commit 9215d9ba0f29d62201d3feea9e77dcd274581624 fixes this issue.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-03-20T21:55:22.872Z

Updated: 2024-08-02T01:03:51.653Z

Reserved: 2024-03-14T16:59:47.611Z

Link: CVE-2024-29026

cve-icon Vulnrichment

Updated: 2024-08-02T01:03:51.653Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-20T22:15:08.557

Modified: 2024-11-21T09:07:24.033

Link: CVE-2024-29026

cve-icon Redhat

No data.