How should I report security issues to Plex?

rodneylive · December 28, 2016, 8:38pm

I found a few XSS security issues in Plex. How do you prefer I communicate the details? (i.e. post to forum, email someone)

anon18523487 · December 28, 2016, 8:51pm

If you can describe generally what you found here that would be good. If it is an issue, we will have someone contact you via PM.

rodneylive · January 3, 2017, 7:05pm

I simply add an XSS attack vector to an input and the Plex application renders the JavaScript.

anon18523487 · January 3, 2017, 9:31pm

We are aware of this issue.

rodneylive · January 4, 2017, 2:54pm

There is one when you edit a video title.

anon18523487 · January 4, 2017, 7:40pm

Can you PM about that?

rodneylive · January 13, 2017, 1:42pm

I sent you a PM with regards to this issue.

Topic		Replies	Views
Vulnerability in Plex General Discussions	2	74	January 7, 2020
Where to submit a security issue privately Dev/API Corner other-dev	3	73	December 21, 2019
Security issues in Plex/Web Feature Suggestions	9	55	January 16, 2021
Making Responsible Security Disclosures General Discussions	2	155	January 8, 2020
SSL Security Vulnerabilities Dev/API Corner other-dev	9	523	December 21, 2019