Impersonation Vulnerability Patched in nexkey Version 12.122.2

Impersonation Vulnerability Patched in nexkey Version 12.122.2

CVE-2023-49095 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

nexkey is a microblogging platform. Insufficient validation of ActivityPub requests received in inbox could allow any user to impersonate another user in certain circumstances. This issue has been patched in version 12.122.2.

Learn more about our User Device Pen Test.