Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the plugin-http.ts file via the owner' and 'pkg
parameters. An attacker can run arbitrary JavaScript code. As of time of publication, no known patches are available.
{ "nvd_published_at": "2023-12-13T22:15:43Z", "cwe_ids": [ "CWE-79" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-08-05T21:29:22Z" }