We have recently experienced a security incident that may potentially involve your Plex account information. We believe the actual impact of this incident is limited; however, action is required from you to ensure your account remains secure. What happened An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included emails, usernames, securely hashed passwords and authentication...
  • ShortN0te@lemmy.mlEnglish
    2·
    4 hours ago

    Besides that, security by obscurity is the worst possible form and barely qualifies as security at all.

    In fact security by obscurity is not security at all. In this case it should be authenticated or to the very least to actually use a random string like a uuid. But, changing the root path does prevent it from exploiting. Not perfect but a temporary solution.

    It’s also another place where the Jellyfin devs leave their users to their own devices when it comes to securing the server against malicious actors.

    Another place? What else? You mean setting up you own server? That is in fact your responsibility.