CVE-2023-48702 | Jellyfin up to 10.8.12 Path ProcessStartInfo command injection (GHSA-rr9h-w522-cvmr)

CVE-2023-48702 | Jellyfin up to 10.8.12 Path ProcessStartInfo command injection (GHSA-rr9h-w522-cvmr)

A vulnerability was found in Jellyfin up to 10.8.12 and classified as critical. Affected by this issue is the function ProcessStartInfo of the file /System/MediaEncoder/Path. The manipulation leads to command injection. This vulnerability is handled as CVE-2023-48702. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.