Yooooomi Your_spotify

5 CVEs affecting Yooooomi Your_spotify. Latest disclosed: 2024-03-13. Critical: 1, High: 1.

Top CVEs affecting Yooooomi Your_spotify
CVESeverityScorePublishedSummary
CVE-2024-28194Critical9.12024-03-13your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify versions < 1.8.0 use a hardcoded JSON Web Token (JWT) secret to sign authen…
CVE-2024-28195High8.12024-03-13your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify versions < 1.9.0 do not protect the API and login flow against Cross-Site R…
CVE-2024-28193Medium6.52024-03-13your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version <1.8.0 allows users to create a public token in the settings, which…
CVE-2024-28196Medium6.52024-03-13your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version < 1.9.0 does not prevent other pages from displaying it in an ifram…
CVE-2024-28192Medium5.32024-03-13your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version <1.8.0 is vulnerable to NoSQL injection in the public access token…