Lucene search
K

10 matches found

NVD
NVD
added 2026/06/05 2:16 p.m.10 views

CVE-2026-50232

Lyrion Music Server 9.2.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through media file metadata tags like GENRE, ARTIST, and ALBUM. Attackers can craft files with XSS payloads in metadata tags that execute in the web interface when user...

7.2CVSS0.00197EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2026/06/05 1:24 p.m.7 views

CVE-2026-50232 Lyrion Music Server 9.2.0 Stored XSS via Metadata Tags

Lyrion Music Server 9.2.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through media file metadata tags like GENRE, ARTIST, and ALBUM. Attackers can craft files with XSS payloads in metadata tags that execute in the web interface when user...

7.2CVSS5.3AI score0.00197EPSS
Exploits2References2
CVE
CVE
added 2026/06/05 1:24 p.m.24 views

CVE-2026-50232

Lyrion Music Server 9.2.0 is affected by a stored XSS vulnerability via media metadata tags (GENRE, ARTIST, ALBUM). The issue allows an attacker to craft files containing XSS payloads in metadata that execute in the web interface when users view track information or play files, potentially enabli...

7.2CVSS5.3AI score0.00197EPSS
Exploits2References3
EUVD
EUVD
added 2026/06/05 1:24 p.m.9 views

EUVD-2026-34831

Lyrion Music Server 9.2.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through media file metadata tags like GENRE, ARTIST, and ALBUM. Attackers can craft files with XSS payloads in metadata tags that execute in the web interface when user...

7.2CVSS5.3AI score0.00197EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.12 views

PT-2026-46951

Name of the Vulnerable Software and Affected Versions Lyrion Music Server version 9.2.0 Description A stored cross-site scripting issue exists where attackers can inject malicious scripts through media file metadata tags, specifically GENRE, ARTIST, and ALBUM. These payloads execute within the we...

7.2CVSS5.2AI score0.00197EPSS
Exploits2References8
NVD
NVD
added 2026/06/01 3:16 p.m.18 views

CVE-2026-48559

Lightweight Music Server LMS though 3.76.0 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript by embedding malicious HTML in media file metadata tags such as GENRE, ARTIST, or ALBUM. Attackers can introduce a crafted media file into the...

5.4CVSS0.00171EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/06/01 1:15 p.m.29 views

CVE-2026-48559 Lightweight Music Server 3.76.0 Stored XSS via Media File Metadata Tags

Lightweight Music Server LMS though 3.76.0 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript by embedding malicious HTML in media file metadata tags such as GENRE, ARTIST, or ALBUM. Attackers can introduce a crafted media file into the...

5.4CVSS0.00171EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/06/01 1:15 p.m.10 views

CVE-2026-48559

Lightweight Music Server LMS though 3.76.0 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript by embedding malicious HTML in media file metadata tags such as GENRE, ARTIST, or ALBUM. Attackers can introduce a crafted media file into the...

5.4CVSS5.9AI score0.00171EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/01 1:15 p.m.14 views

EUVD-2026-33640

Lightweight Music Server LMS though 3.76.0 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript by embedding malicious HTML in media file metadata tags such as GENRE, ARTIST, or ALBUM. Attackers can introduce a crafted media file into the...

5.4CVSS5.9AI score0.00171EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.19 views

PT-2026-45437

Lightweight Music Server LMS though 3.76.0 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript by embedding malicious HTML in media file metadata tags such as GENRE, ARTIST, or ALBUM. Attackers can introduce a crafted media file into the...

5.4CVSS5.9AI score0.00171EPSS
Exploits1References5
Rows per page
Query Builder