XSourcePlayer is an audio player from Russound, Inc. A code execution vulnerability exists in Russound XSourcePlayer version 777D v06.08.03, which stems from a failure of the scriptRunner.cgi component to properly filter the special elements of the constructed code segment. An attacker could exploit the vulnerability to execute arbitrary code.