Cross-site scripting (XSS) vulnerability in the Nullsoft ShoutcastServer 1.9.7 allows remote malicious users to inject arbitrary web script or HTML via the top-level URI on the Incoming interface (port 8001/tcp), which is not properly handled in the administrator interface when viewing the log file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nullsoft shoutcast server 1.9.7 |