1 matches found
Cross site scripting
In Jellyfin before 10.8, stored XSS allows theft of an admin access token...