9 matches found
EUVD-2024-43833
Malicious code in bioql PyPI...
CVE-2024-49763
PlexRipper is a cross-platform media downloader for Plex. PlexRipper’s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker’s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user’s...
CVE-2024-49763
PlexRipper is a cross-platform media downloader for Plex. PlexRipper’s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker’s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user’s...
CVE-2024-49763 PlexRipper allows API leak due to open CORS policy
PlexRipper is a cross-platform media downloader for Plex. PlexRipper’s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker’s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user’s...
CVE-2024-49763 PlexRipper allows API leak due to open CORS policy
PlexRipper is a cross-platform media downloader for Plex. PlexRipper’s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker’s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user’s...
CVE-2024-49763
PlexRipper (open-source media downloader for Plex) is affected by an open CORS policy that allows cross-origin requests to the /api/PlexAccount endpoint, enabling an attacker-controlled site to access sensitive information and steal user Plex login details. Root cause is the permissive CORS confi...
CVE-2024-49763 PlexRipper allows API leak due to open CORS policy
PlexRipper is a cross-platform media downloader for Plex. PlexRipper’s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker’s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user’s...
PlexRipper 安全漏洞
PlexRipper is a cross-platform Plex media downloader from the PlexRipper open source. A security vulnerability exists in PlexRipper version 0.23.2, which stems from an open CORS policy that allows an attacker to obtain sensitive information by giving users access to their domain name...
PT-2024-33673 · Unknown · Plexripper
Name of the Vulnerable Software and Affected Versions: PlexRipper versions prior to 0.24.0 Description: PlexRipper's open CORS policy allows attackers to gain sensitive information by getting the user to access the attacker's domain. This enables an attacking website to access the...