Pymedusa Security Vulnerabilities

CVE-2023-50259

Medusa is an automatic video library manager for TV shows. Versions prior to 1.0.19 are vulnerable to unauthenticated blind server-side request forgery (SSRF). The testslack request handler in medusa/server/web/home/handler.py does not validate the user-controlled slack_webhook variable and passes....

CVSS: 5.3, AI Score: 7.5, EPSS: 0.001

2023-12-22 05:15 PM

CVE-2023-50258

Medusa is an automatic video library manager for TV shows. Versions prior to 1.0.19 are vulnerable to unauthenticated blind server-side request forgery (SSRF). The testDiscord request handler in medusa/server/web/home/handler.py does not validate the user-controlled discord_webhook variable and...

CVSS: 5.3, AI Score: 7.5, EPSS: 0.001

2023-12-22 05:15 PM

CVE-2023-28627

pymedusa is an automatic video library manager for TV Shows. In versions prior to 1.0.12 an attacker with access to the web interface can update the git executable path in /config/general/ > advanced settings with arbitrary OS commands. An attacker may exploit this vulnerability to take execute...

CVSS: 8.8, AI Score: 8.9, EPSS: 0.002

2023-03-27 09:15 PM