Jellyfin.Controller is vulnerable to Path Traversal. The vulnerability exists in the WriteDocumentAsync function of ClientEventLogger.cs, which allows an attacker to access files outside the expected directory and write malicious files, leading to arbitrary code execution.
github.com/jellyfin/jellyfin-web/security/advisories/GHSA-89hp-h43h-r5pq
github.com/jellyfin/jellyfin/blob/22d880662283980dec994cd7d35fe269613bfce3/Jellyfin.Api/Controllers/ClientLogController.cs#L44
github.com/jellyfin/jellyfin/commit/82ad2633fdfb1c37a158057c7935f83e1129eda7
github.com/jellyfin/jellyfin/pull/5918
github.com/jellyfin/jellyfin/releases/tag/v10.8.10
github.com/jellyfin/jellyfin/security/advisories/GHSA-9p5f-5x8v-x65m
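
A containment check of the kind that prevents this class of bug is sketched below as an added example; it is not Jellyfin's code or the project's actual fix. It assumes a log writer that derives a file name from a client-supplied string; the `ClientLogPath.Resolve` helper, the `example-logs` directory and the sample names are hypothetical.

```csharp
using System;
using System.IO;

public static class ClientLogPath
{
    // Hypothetical helper (not Jellyfin's code): maps a client-supplied name
    // to a file under logDirectory, or throws if the result would escape it.
    public static string Resolve(string logDirectory, string clientName)
    {
        if (string.IsNullOrWhiteSpace(clientName))
            throw new ArgumentException("Empty client name.", nameof(clientName));

        // Check 1: the name must be a single path segment. Both separator
        // styles are tested explicitly so the result is the same on every OS.
        if (clientName.IndexOfAny(new[] { '/', '\\' }) >= 0
            || clientName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0
            || clientName == "." || clientName == "..")
            throw new ArgumentException("Client name is not a plain file name.", nameof(clientName));

        // Check 2 (defence in depth): canonicalise, then require the result to
        // sit under the log directory. The trailing separator on root stops a
        // sibling such as "/var/log/app-other" matching the prefix "/var/log/app".
        string root = Path.GetFullPath(logDirectory);
        string sep = Path.DirectorySeparatorChar.ToString();
        if (!root.EndsWith(sep, StringComparison.Ordinal))
            root += sep;

        string candidate = Path.GetFullPath(Path.Combine(root, clientName + ".log"));
        if (!candidate.StartsWith(root, StringComparison.Ordinal))
            throw new ArgumentException("Resolved path leaves the log directory.", nameof(clientName));

        return candidate;
    }

    public static void Main()
    {
        string logDir = Path.Combine(Path.GetTempPath(), "example-logs"); // constructed
        // Constructed inputs: one ordinary name, three that must be rejected.
        foreach (string name in new[] { "ExampleClient_1.0", "../outside", "sub/dir", ".." })
        {
            try { Console.WriteLine($"accepted  {name} -> {Resolve(logDir, name)}"); }
            catch (ArgumentException e) { Console.WriteLine($"rejected  {name}: {e.Message}"); }
        }
    }
}
```

`Path.GetFullPath` collapses `..` segments but does not resolve symbolic links, so the log directory itself should not be writable by untrusted users.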