Emby · Emby Media Server · CVE-2024-30931
**Name of the Vulnerable Software and Affected Versions**
Emby Media Server version 4.8.3.0
**Description**
A Stored Cross Site Scripting issue allows a remote attacker to escalate privileges via the notifications.html component.
**Recommendations**
For Emby Media Server version 4.8.3.0, consider disabling access to the notifications.html component until a patch is available to prevent privilege escalation.