Cross-Site Scripting (XSS) Vulnerability in Tautulli 2.1.26 via Crafted Plex Username in History Page

Cross-Site Scripting (XSS) Vulnerability in Tautulli 2.1.26 via Crafted Plex Username in History Page

CVE-2019-8939 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

data/interfaces/default/history.html in Tautulli 2.1.26 has XSS via a crafted Plex username that is mishandled when constructing the History page.

Learn more about our User Device Pen Test.