Collection of potential security issues in Jellyfin · Issue #5415 · jellyfin/jellyfin
github.com
Collection of potential security issues in Jellyfin This is a non exhaustive list of potential security issues found in Jellyfin. Some of these might cause controversy. Some of these are design fla...

Collection of potential security issues in Jellyfin This is a non exhaustive list of potential security issues found in Jellyfin. Some of these might cause controversy. Some of these are design fla…

  • jagged_circle@feddit.nlEnglish
    7·
    16 hours ago

    PluginsController only requires user privileges for potentially sensitive actions

    • Includes, but is not limited to: Listing all plugins on the server without being admin, changing plugin settings, listing plugin settings without being admin. This includes the possibility of retrieving LDAP access credentials without admin privileges.

    Outch