RSS   Vulnerabilities for 'Tautulli'   RSS

2019-12-18
 
CVE-2019-19833

CWE-352
 

 
In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. (Also, anonymous access can be achieved in applications that do not have a user login area).

 
2019-02-19
 
CVE-2019-8939

CWE-79
 

 
data/interfaces/default/history.html in Tautulli 2.1.26 has XSS via a crafted Plex username that is mishandled when constructing the History page.

 


Copyright 2024, cxsecurity.com

 

Back to Top