CVE-2022-35909
CVE-2022-35909 refers to Jellyfin prior to version 10.8 where the "/users" endpoint has incorrect access control for admin functionality. The publicly available documents identify this as an admin-access control flaw that could enable unauthorized admin-like access via the mentioned endpoint. The...