Clockworkmod: >> Scrypted >> 0.7.45 Security Vulnerabilities
Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the plugin-http.ts file via the `owner' and 'pkg` parameters. An attacker can run arbitrary JavaScript code.
CVSS Score
6.1
EPSS Score
0.004
Published
2023-12-13
Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the login page via the `redirect_uri` parameter. By specifying a url with the javascript scheme (`javascript:`), an attacker can run arbitrary JavaScript code after the login.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-12-13