Vulnerabilities (CVE)

Filtered by vendor Tautulli Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-8939 1 Tautulli 1 Tautulli 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
data/interfaces/default/history.html in Tautulli 2.1.26 has XSS via a crafted Plex username that is mishandled when constructing the History page.
CVE-2019-19833 1 Tautulli 1 Tautulli 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. (Also, anonymous access can be achieved in applications that do not have a user login area).