Shodan
Vulnerabilities
Vulnerable Software
Jellyfin:  >> Jellyfin  >> 10.8.2  Security Vulnerabilities
CVE-2023-23635
In Jellyfin 10.8.x through 10.8.3, the name of a collection is vulnerable to stored XSS. This allows an attacker to steal access tokens from the localStorage of the victim.
CVSS Score
5.4
EPSS Score
0.005
Published
2023-02-03
CVE-2023-23636
In Jellyfin 10.8.x through 10.8.3, the name of a playlist is vulnerable to stored XSS. This allows an attacker to steal access tokens from the localStorage of the victim.
CVSS Score
5.4
EPSS Score
0.005
Published
2023-02-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved