exploitDog

GHSA-9w2g-h336-pq2c

Опубликовано: 02 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 5

Описание

In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve share tokens (intended for unrelated access) via a shared_servers endpoint.

In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve share tokens (intended for unrelated access) via a shared_servers endpoint.

Ссылки

EPSS

Процентиль: 7%

0.00028

Низкий

5 Medium

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2025-69417

CVSS3: 5

nvd

около 1 месяца назад

In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve share tokens (intended for unrelated access) via a shared_servers endpoint.

EPSS

Процентиль: 7%

0.00028

Низкий

5 Medium

CVSS3

CVE ID

Дефекты

CWE-863