SHOUTcast Server Log Files XSS (deprecated)
Medium Nessus Network Monitor Plugin ID 1527
SynopsisThe remote host is running a vulnerable version of SHOUTcast server.
DescriptionThe remote host is running a SHOUTcast server. This software does not properly validate the data provided by web clients, and is therefore vulnerable to a cross-site scripting issue in its logs interface (which can only be used by the administrator). An attacker may use this flaw to steal the cookies of the administrator and gain access to this server.
SolutionNone solution known at this time.