PT-2022-27460 · Funkwhale · Funkwhale
Fuomag9 · Published 2022-12-09 · Updated 2022-12-13
CVE-2022-45292
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Funkwhale version 1.2.8
Description
User invites do not permanently expire after being used for signup. An invite can be used again even after an account associated with it has been deleted.
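The following is an added example, not Funkwhale's code and not part of the original advisory. It models one way this class of flaw can arise, assuming (the advisory does not state the root cause) that an invite counts as used only while an account still references it, next to a hardened check that records consumption on the invite itself. `Invite`, `Instance` and all method names are hypothetical, and the invite code is a constructed value.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional

@dataclass
class Invite:
    code: str
    expires_at: datetime
    consumed_at: Optional[datetime] = None  # set at signup, never cleared

@dataclass
class Instance:  # constructed in-memory model, not Funkwhale code
    invites: dict = field(default_factory=dict)   # code -> Invite
    accounts: dict = field(default_factory=dict)  # username -> invite code

    def add_invite(self, code, days=14):
        self.invites[code] = Invite(code, datetime.now(timezone.utc) + timedelta(days=days))

    def delete_account(self, username):
        self.accounts.pop(username, None)  # invite row is left untouched

    def _live(self, code):
        inv = self.invites.get(code)
        return inv if inv and inv.expires_at > datetime.now(timezone.utc) else None

    def is_open_derived(self, code):
        # Weak: "used" is inferred from a live account referencing the invite,
        # so deleting that account makes the invite look unused again.
        return self._live(code) is not None and code not in self.accounts.values()

    def is_open_recorded(self, code):
        # Hardened: consumption is stored on the invite and survives deletion.
        inv = self._live(code)
        return inv is not None and inv.consumed_at is None

    def signup(self, username, code, check):
        if username in self.accounts or not check(code):
            return False
        self.invites[code].consumed_at = datetime.now(timezone.utc)
        self.accounts[username] = code
        return True

def reusable_after_deletion(predicate_name):
    # Redeem the invite, delete the account, then try to redeem it again.
    inst = Instance()
    inst.add_invite("INV-CONSTRUCTED")
    check = getattr(inst, predicate_name)
    inst.signup("first-user", "INV-CONSTRUCTED", check)
    inst.delete_account("first-user")
    return inst.signup("second-user", "INV-CONSTRUCTED", check)
```

`reusable_after_deletion("is_open_derived")` returns `True`, while the same sequence with `"is_open_recorded"` returns `False`.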
Recommendations
For Funkwhale version 1.2.8, consider temporarily restricting the use of user invites until a patch is available to prevent their reuse after account deletion.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
Funkwhale