Go2rtc Security Vulnerabilities and Issues — Go2rtc CVE List

Lucene search

AlexxitGo2rtc

3 matches found

CVE•added 2024/04/04 7:15 p.m.•98 views

CVE-2024-29193

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The index page (index.html) shows the available streams by fetching the API in the client side. Then, it uses Object.entries to iterate over the result whose first item (name) gets ...

6.1CVSS5.9AI score0.00124EPSS

CVE•added 2024/04/04 6:15 p.m.•68 views

CVE-2024-29192

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to Cross-Site Request Forgery. The /api/config endpoint allows one to modify the existing configuration with user-supplied values. While the API is only allowing localhost to interact without authentication, an attac...

8.8CVSS9AI score0.00073EPSS

CVE•added 2024/04/04 3:15 p.m.•54 views

CVE-2024-29191

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The links page (links.html) appends the src GET parameter ([0]) in all of its links for 1-click previews. The context in which src is being appended is innerHTML ([1]), which will i...

6.1CVSS5.9AI score0.00098EPSS