Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. In versions 0.1.2 and prior, a lenient CORS policy allows attackers to make a cross origin request, reading privileged information. This can be used to leak the admin password. Commit 9215d9ba0f29d62201d3feea9e77dcd274581624 fixes this issue.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-03-20T21:55:22.872Z
Updated: 2024-08-02T01:03:51.653Z
Reserved: 2024-03-14T16:59:47.611Z
Link: CVE-2024-29026
Vulnrichment
Updated: 2024-08-02T01:03:51.653Z
NVD
Status : Awaiting Analysis
Published: 2024-03-20T22:15:08.557
Modified: 2024-11-21T09:07:24.033
Link: CVE-2024-29026
Redhat
No data.