CVE-2023-47620

Publication date

2023-12-13 21:49:41

Family

GitHub_M

State

PUBLISHED

Description

Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the plugin-http.ts file via the `owner and pkg` parameters. An attacker can run arbitrary JavaScript code.