CVE-2021-25828 Information

Description

Emby Server versions < 4.6.0.50 is vulnerable to Cross Site Scripting (XSS) vulnerability via a crafted GET request to /web.

Reference

https://github.com/MediaBrowser/Emby/issues/3785