nexkey is a microblogging platform. Insufficient validation of ActivityPub requests received in inbox could allow any user to impersonate another user in certain circumstances. This issue has been patched in version 12.122.2.Referenceshttps://github.com/nexryai/nexkey/security/advisories/GHSA-fpxw-rw9v-2gmxhttps://github.com/nexryai/nexkey/commit/b96da0eac5a1e75abba94cf926f1251842829bab
