Security Advisory

CVE-2024-49763

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-02 16:41:26

Last updated 2024-12-02 17:22:07

Assigner GitHub_M

State PUBLISHED

Description

PlexRipper is a cross-platform media downloader for Plex. PlexRipper’s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker’s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user’s Plex login. This vulnerability is fixed in 0.24.0.

← Browse all CVEs View on cve.org ↗