CVE-2023-23635

Vulnerability Description

In Jellyfin 10.8.x through 10.8.3, the name of a collection is vulnerable to stored XSS. This allows an attacker to steal access tokens from the localStorage of the victim.

Vulnerability Details

Published Date

February 03, 2023

Last Modified

March 26, 2025

Source

NVD

CVE-2023-23635

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment