Filtered by vendor Misskey
Subscriptions
Filtered by product Misskey
Subscriptions
Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-39169 | 1 Misskey | 1 Misskey | 2024-11-21 | 8 High |
| Misskey is a decentralized microblogging platform. In versions of Misskey prior to 12.51.0, malicious actors can use the web client built-in dialog to display a malicious string, leading to cross-site scripting (XSS). XSS could compromise the API request token. This issue has been fixed in version 12.51.0. There are no known workarounds aside from upgrading. | ||||
| CVE-2019-1020010 | 1 Misskey | 1 Misskey | 2024-11-21 | N/A |
| Misskey before 10.102.4 allows hijacking a user's token. | ||||