CVE-2022-35910: Require elevation to save list of plugin repositories by crobibero · Pull Request #7569 · jellyfin/jellyfin
In Jellyfin before 10.8, stored XSS allows theft of an admin access token.
@@ -155,7 +155,7 @@ public ActionResult<IEnumerable<RepositoryInfo>> GetRepositories() /// <response code="204">Package repositories saved.</response> /// <returns>A <see cref="NoContentResult"/>.</returns> [HttpPost(“Repositories”)] [Authorize(Policy = Policies.DefaultAuthorization)] [Authorize(Policy = Policies.RequiresElevation)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult SetRepositories([FromBody, Required] List<RepositoryInfo> repositoryInfos) {
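Review bot: The XML doc comment on SetRepositories still lists only `<response code="204">Package repositories saved.</response>` after the policy on the action changes from Policies.DefaultAuthorization to Policies.RequiresElevation; add a 403 response entry and a matching ProducesResponseType so the elevation requirement shows up in the generated API documentation. Also worth stating in the PR description: since the underlying issue is stored XSS via repository entries, this hunk only stops non-elevated users from storing new RepositoryInfo values; it does not remove or sanitize entries that were already saved, and the client that renders those name and URL fields still needs to encode them.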