📦 Owncast

A Server-Side Request Forgery (SSRF) vulnerability in OwnCast v0.1.1 allows remote attackers to execute arbitrary code and access sensitive information via the authHost parameter in the indieauth func...

This CVE describes a Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability in Owncast versions 0.1.2 and prior. Attackers can exploit the lenient CORS policy to make cross-origin request...

This vulnerability in Owncast allows cross-site scripting (XSS) attacks when users paste content containing inline JavaScript. Attackers can execute arbitrary scripts in victims' browsers, potentially...