From @MentalOutlaw:

In this video I discuss the recent security updates to Mastodon to fix critical security vulnerabilities that allowed for cross site scripting through oEmbed preview cards (CVE-2023-36459) and Arbitrary file creation through media attachments (CVE-2023-36460 AKA TootRoot) make sure the Mastodon instance you're using is on version 4.1.3 or later.

https://odysee.com/@AlphaNerd:8/mastodon-had-a-critical-security:5?r=5dSbLhamtNqgjc7Tj7jf54M4v1DZjbTD

#mastodon #fediverse #admin #cve #cve202336459 #cve202336460 #patch