Vulnerabilities > Emby > Emby > 3.0.5870.2490
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-28 | CVE-2021-25827 | Authentication Bypass by Spoofing vulnerability in Emby Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address. | 9.8 |
2023-06-28 | CVE-2021-25828 | Cross-site Scripting vulnerability in Emby Emby Server versions < 4.6.0.50 is vulnerable to Cross Site Scripting (XSS) vulnerability via a crafted GET request to /web. | 6.1 |
2020-10-10 | CVE-2020-26948 | Server-Side Request Forgery (SSRF) vulnerability in Emby Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image ImageURL parameter. | 9.8 |