إرسال #186192: Reflected Cross-Site Scripting (XSS) in Embyالمعلومات

عنوان	Reflected Cross-Site Scripting (XSS) in Emby
الوصف	# Vulnerability Description I found a Reflected Cross-Site Scripting （XSS） in the latest version of Emby server version x.x.x.x official address： https://emby.media/ [https://github.com/MediaBrowser/Emby.Releases](https://github.com/MediaBrowser/Emby.Releases/releases/download/x.x.x.x/embyserver-win-x64-4.7.13.0.7z) # Vulnerability Details Everything after /web/ is reflected. See the attachments for an example: ``` http://<ip>:<port>/web/%3Cimg%20sRc=l%20oNerrOr=alert('xss')%20x%3E ``` ![image](https://github.com/whoamiecho/vuls/assets/6848485/f134d630-aa3f-4a12-a425-cc754dfd95f2)
المصدر	⚠️ https://github.com/whoamiecho/vuls/blob/main/emby.md
المستخدم	whoamiechor (UID 51354)
ارسال	23/07/2023 04:59 PM (3 سنوات منذ)
الاعتدال	04/08/2023 11:04 PM (12 days later)
الحالة	تمت الموافقة
إدخال VulDB	236183 [Media Browser Emby Server 4.7.13.0 /web/ البرمجة عبر المواقع]
النقاط	20

Interested in the pricing of exploits?

See the underground prices here!