CVE-2024-49763 – PlexRipper Open CORS Policy Information Disclosure

12月 2, 2024
6:16 pm

CVE ID : CVE-2024-49763

Published : Dec. 2, 2024, 5:15 p.m. | 1 hour ago

Description : PlexRipper is a cross-platform media downloader for Plex. PlexRipper’s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker’s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user’s Plex login. This vulnerability is fixed in 0.24.0.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-49763 – PlexRipper Open CORS Policy Information Disclosure

Elvescore.io

Recent Posts

CVE-2024-12965 – 1000 Projects Portfolio Management System MCA SQL Injection Vulnerability

CVE-2024-12966 – “Code-projects Job Recruitment SQL Injection”

CVE-2024-56510 – Marp Core XSSInjection

CVE-2024-12963 – Code-projects Job Recruitment SQL Injection

CVE-2024-12964 – “1000 Projects Daily College Class Work Report Book SQL Injection Vulnerability”

CVE-2024-12962 – Code-Projects Job Recruitment SQL Injection Vulnerability

CVE-2024-49763 – PlexRipper Open CORS Policy Information Disclosure

CVE-2024-49763 – PlexRipper Open CORS Policy Information Disclosure