Lucene search

Emby Security Vulnerabilities

cve

CVE-2023-4167

A vulnerability was found in Media Browser Emby Server 4.7.13.0 and classified as problematic. This issue affects some unknown processing of the file /web/. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be....

6.1CVSS

6.1AI Score

0.001EPSS

2023-08-05 04:15 PM

cve

CVE-2021-25828

Emby Server versions < 4.6.0.50 is vulnerable to Cross Site Scripting (XSS) vulnerability via a crafted GET request to...

6.1CVSS

5.8AI Score

0.0005EPSS

2023-06-28 08:15 PM

cve

CVE-2021-25827

Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local...

9.8CVSS

9AI Score

0.001EPSS

2023-06-28 08:15 PM

cve

CVE-2022-36223

In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator...

6.1CVSS

5.8AI Score

0.001EPSS

2022-12-16 02:15 PM

cve

CVE-2020-26948

Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image ImageURL...

9.8CVSS

9.4AI Score

0.145EPSS

2020-10-10 09:15 PM