SHOUTcast Server Admin Log File XSS

This script is Copyright (C) 2003-2015 Tenable Network Security, Inc.

Synopsis :

The remote streaming audio server is affected by a cross-site scripting

Description :

According to its banner, the version of SHOUTcast Server installed on
the remote host is earlier than 1.9.5. Such versions do not properly
validate user input before storing it in its log file. An attacker may
use this flaw to perform a cross-site scripting attack against the
administrators of the remote service and steal the administrators'

See also :

Solution :

Upgrade to SHOUTcast 1.9.5 or later.

Risk factor :

Medium / CVSS Base Score : 4.3

Family: CGI abuses : XSS

Nessus Plugin ID: 11624 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now