Like clockwork. I just joined recently and of course they have a breach. I knew I should've stayed away when they required an account for you to view your own media. Does Jellyfin let you get past this security issue?
From a comment further up, Jellyfin has an open issue on GitHub with a list of various security problems (most if not all of which come from Emby when they forked off of it). At least they're open about it, and working on it. It seems like running it on the public net might be a bad idea for the time being. But running it internally should be just fine.
I personally run Jellyfin, and aside from security issues, I'm quite pleased with it.
Thanks for your response. If I set up Jellyfin just to run at home, without any need for connecting in from off-site, should I be okay security-wise? I went with Plex because my TV had built-in support for Plex, but now I think I'd like to delete my Plex account and switch to Jellyfin.
Sorry, haven't looked at HN in a while. As long as nothing from the Jellyfin server is touching the internet (no port forwarding or anything), you're probably just fine. If someone is able to hack your Jellyfin install, despite it being completely in your LAN, you've probably got bigger problems to worry about.
I suppose one way you could access it outside the network securely would be to set up a VPN on your home network, to connect to your Jellyfin server through. So there's options. But obviously it depends on how far you want to take it.
I personally run Jellyfin, and aside from security issues, I'm quite pleased with it.