A vulnerability was found in Jellyfin up to 10.8.12 and classified as critical. Affected by this issue is the function
ProcessStartInfo
of the file /System/MediaEncoder/Path. The manipulation leads to command injection.
This vulnerability is handled as CVE-2023-48702. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.