Pixelfed doesn't check OAuth Scopes in API routes, giving elevated permissions
Critical severity
GitHub Reviewed
Published
Feb 10, 2024
in
pixelfed/pixelfed
•
Updated Oct 11, 2024
Give feedback on Dependabot alerts