[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-1917":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":52,"name":53,"published":54,"updated":34},1917,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},2,"Nuclei",{"id":25,"codename":34,"description":34,"severity":35,"risk_description":36,"public_description":37,"public_recommendation":38,"recommendation":34,"references":39,"cvssv3":45,"epss_score":46,"epss_percentile":47,"cve":48,"in_cisa_catalog":50,"date":51,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"medium","This vulnerability can lead to unauthorized access to internal resources, potential data leakage, and further exploitation of the target system.","Jellyfin is a free software media system. Versions 10.7.2 and below are vulnerable to unauthenticated Server-Side Request Forgery (SSRF) attacks via the imageUrl parameter.","Upgrade to version 10.7.3 or newer. As a workaround, disable external access to the API endpoints \"/Items/*/RemoteImages/Download\", \"/Items/RemoteSearch/Image\" and \"/Images/Remote\".",[40,41,42,43,44],"https://github.com/jellyfin/jellyfin/security/advisories/GHSA-rgjw-4fwc-9v96","https://nvd.nist.gov/vuln/detail/CVE-2021-29490","https://github.com/ARPSyndicate/kenzer-templates","https://github.com/HimmelAward/Goby_POC","https://github.com/Threekiii/Awesome-POC",5.8,0.89691,0.99562,[49],"CVE-2021-29490",false,"2021-05-06T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2021-29490","Jellyfin 10.7.2 - Server Side Request Forgery","2023-07-04T00:00:00Z"]