exploitDog

GHSA-r6cx-vw2q-5gqg

Опубликовано: 02 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 7.1

Описание

In Plex Media Server (PMS) through 1.42.2.10156, ability to access /myplex/account with a device token is not properly aligned with whether the device is currently associated with an account.

In Plex Media Server (PMS) through 1.42.2.10156, ability to access /myplex/account with a device token is not properly aligned with whether the device is currently associated with an account.

Ссылки

EPSS

Процентиль: 15%

0.0005

Низкий

7.1 High

CVSS3

CVE ID

Дефекты

CWE-672

Связанные уязвимости

CVE-2025-69415

CVSS3: 7.1

nvd

около 1 месяца назад

In Plex Media Server (PMS) through 1.42.2.10156, ability to access /myplex/account with a device token is not properly aligned with whether the device is currently associated with an account.

EPSS

Процентиль: 15%

0.0005

Низкий

7.1 High

CVSS3

CVE ID

Дефекты

CWE-672