170 matches found
CVE-2021-25827
Emby Server 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address...
CVE-2021-25827
Emby Server 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address...
CVE-2023-33193
Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...
Design/Logic Flaw
Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...
CVE-2023-33193 Emby Server Proxy Header Spoofing Vulnerability
Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...
CVE-2023-33193 Emby Server Proxy Header Spoofing Vulnerability
Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...
CVE-2023-33193 Emby Server Proxy Header Spoofing Vulnerability
Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...
CVE-2023-33193
Emby Server Authentication Bypass (CVE-2023-33193): A proxy-header spoofing flaw allows login without a password or viewing accounts if reverse-proxy headers are mishandled, affecting publicly accessible servers with weak admin login settings. Root cause: spoofed headers misclassify local/non-loc...
Emby Server 环境问题漏洞
Emby Server is a powerful media server for individual developers. The product can be used primarily for integrated multimedia editing such as video audio and photos. A security vulnerability exists in Emby Server versions prior to 4.7.12, which originates from a determination that may affect...
PT-2023-24210
Name of the Vulnerable Software and Affected Versions Emby Server versions prior to 4.7.12 Emby Server Beta versions prior to 4.8.31 Description This issue may allow administrative access to an Emby Server system, depending on certain user account settings. By spoofing certain headers intended fo...
VulnCheck KEV: CVE-2023-33193
Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...
Emby Server <= 4.7.11 XSS Vulnerability
Emby Server is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Emby Server Cross-Site Scripting Vulnerability (CNVD-2025-20435)
Emby Server is a personal media server software that supports storing, managing, and streaming personal media content with support for multiple device access. A cross-site scripting vulnerability exists in Emby Server, which stems from the lack of effective filtering and escaping of user-supplied...
CVE-2022-36223
In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account...
Design/Logic Flaw
In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account...
CVE-2022-36223
Emby Server 4.6.7.0 is affected by a stored XSS in the playlist name field that can be exploited to steal the administrator access token and take over the media server administrator account. The issue is documented across multiple sources (NVD, Red Hat, CNVD, OSV, etc.). Public exploit details ar...
CVE-2022-36223
In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account...
PT-2022-23265 · Emby · Emby Server
Name of the Vulnerable Software and Affected Versions: Emby Server version 4.6.7.0 Description: The issue affects the playlist name field, which is vulnerable to stored XSS. This vulnerability allows for the potential theft of the administrator access token, enabling attackers to either flip or...
CVE-2022-36223
In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account...
Emby Server 跨站脚本漏洞
Emby Server is a personal media server software that supports storing, managing, and streaming personal media content with support for multiple device access. A cross-site scripting vulnerability exists in Emby Server, which stems from the lack of effective filtering and escaping of user-supplied...