SHOUTcast Server Log Files XSS (deprecated)

Medium Nessus Network Monitor Plugin ID 1527


The remote host is running a vulnerable version of SHOUTcast server.


The remote host is running a SHOUTcast server. This software does not properly validate the data provided by web clients, and is therefore vulnerable to a cross-site scripting issue in its logs interface (which can only be used by the administrator). An attacker may use this flaw to steal the cookies of the administrator and gain access to this server.


None solution known at this time.

See Also

Plugin Details

Severity: Medium

ID: 1527

File Name: 1527.prm

Family: Web Servers

Published: 2004/08/18

Modified: 2015/06/01

Dependencies: 1442

Nessus ID: 11624

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C


Base Score: 4

Temporal Score: 3.5


Temporal Vector: CVSS3#E:U/RL:O/RC:C