Closed StefanAbl closed 3 months ago
The endpoints for sending a test mail or a newsletter e-mail or exposed without authentication. This allows for spamming users with test e-mails.
https://github.com/Cloud9Developer/Jellyfin-Newsletter-Plugin/blob/2a624b9e5cbfe26aa0f6a19c8921d517d2049ce3/Jellyfin.Plugin.Newsletters/Emails/smtp.cs#L79
It would be greatly appreciated if you could add authentication to those endpoints.
was fixed in https://github.com/Cloud9Developer/Jellyfin-Newsletter-Plugin/commit/4f9f9256d882286c845ce502465dc141a44596e9
only jellyfin admins can use the endpoints now
Very nice, thank you
The endpoints for sending a test mail or a newsletter e-mail or exposed without authentication. This allows for spamming users with test e-mails.
https://github.com/Cloud9Developer/Jellyfin-Newsletter-Plugin/blob/2a624b9e5cbfe26aa0f6a19c8921d517d2049ce3/Jellyfin.Plugin.Newsletters/Emails/smtp.cs#L79
It would be greatly appreciated if you could add authentication to those endpoints.