Twonky Server before 8.5.1 has XSS via a modified "language" parameter in the Language...
6.1CVSS
5.8AI Score
0.001EPSS
6.1CVSS
5.9AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to inject arbitrary web script or HTML via the friendlyname parameter to...
6.1CVSS
6AI Score
0.001EPSS
Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. (dot dot) in the contentbase parameter to...
7.5CVSS
7.3AI Score
0.018EPSS