Mastodon Social Network Patches Critical Flaws Allowing Server Takeover
The most critical vulnerability, CVE-2023-36460, allows hackers to exploit a flaw in the media attachments feature, creating and overwriting files in any location the software could access on an instance.