Comment on Docker Hub's trust signals are a lie — and Huntarr is just the latest proof
Pika@sh.itjust.works 3 days ago
I believe they are talking about this.
If you have it at all exposed to the internet, you should terminate it immediately.
As a summary: Multiple endpoints on the software don’t check for authentication, and an unauthenticated person can retrieve your complete settings configuration, including your API keys and your password, and also change your current configuration, just by sending a simple POST request.
MIXEDUNIVERS@discuss.tchncs.de 3 days ago
Ah yes, I have googled it and found the Reddit post; when I come home I will remove it. It didn't have that many functions I needed, but I did like that it was a control dashboard.