📦 Your Spotify

YourSpotify versions before 1.8.0 use a hardcoded JWT secret, allowing attackers to forge valid authentication tokens for any user. This enables authentication bypass and potential admin account takeo...

CVE-2024-28195 is a Cross-Site Request Forgery (CSRF) vulnerability in your_spotify, an open-source self-hosted Spotify tracking dashboard. Attackers can exploit this to perform unauthorized actions o...