CVE Catalog

CVE-2023-4167

LowCVSS 3.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.54%

41th percentile — higher than 41% of all known CVEs

Summary

A vulnerability was found in Media Browser Emby Server 4.7.13.0, leading to cross site scripting attacks. The issue affects some unknown processing of the file /web/ and may be exploited remotely.

Risk Assessment

An attacker may exploit this vulnerability to perform XSS attacks, potentially leading to user data theft or session hijacking.

Recommendation

It is recommended to upgrade the affected component to the latest version to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

A vulnerability was found in Media Browser Emby Server 4.7.13.0 and classified as problematic. This issue affects some unknown processing of the file /web/. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-236183.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS