icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

SHOUTcast Server Log Files XSS

Medium

Synopsis

The remote host is running a vulnerable version of SHOUTcast server.

Description

The remote host is running a SHOUTcast server. This software does not properly validate the data provided by web clients, and is therefore vulnerable to a cross-site scripting issue in its logs interface (which can only be used by the administrator). An attacker may use this flaw to steal the cookies of the administrator and gain access to this server.

Solution

None solution known at this time.