Side-note: I don't think an XML parser is even needed on the Fediverse anymore. Everything is in JSON. This is unfortunate.
New Pleroma vuln dropped: https://gitlab.com/soapbox-pub/rebased/-/merge_requests/264/diffs
Yes, this is a new one that isn't the same as the one from yesterday.
I don't completely understand the impact of this one, but you need to upgrade your server again. It seems bad but I'm not sure exactly how to exploit it.
Discussion
No replies yet.