Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-36223

Disclosure Date: December 16, 2022 (last updated February 24, 2025)
In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0