疑似Oday
The Jellyfin media server exposed user information via the public users API endpoint. This endpoint could have leaked sensitive data including usernames, user IDs, server IDs, administrator status, password configuration, login activity, and user policies without authentication.
id: jellyfin-public-users-exposure
info:
name: Jellyfin Public Users - Exposure
author: theaman
...