Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast internal web server (icecast-server) 1.3.12 and earlier allows remote attackers to inject arbitrary web script via the UserAgent parameter.
Software | From | Fixed in |
---|---|---|
icecast / icecast | 1.3.0 | 1.3.0.x |
icecast / icecast | 1.3.10 | 1.3.10.x |
icecast / icecast | 1.3.10.1 | 1.3.10.1.x |
icecast / icecast | 1.3.11 | 1.3.11.x |
icecast / icecast | 1.3.12 | 1.3.12.x |
icecast / icecast | 1.3.5 | 1.3.5.x |
icecast / icecast | 1.3.5.1 | 1.3.5.1.x |
icecast / icecast | 1.3.7 | 1.3.7.x |
icecast / icecast | 1.3.7.1 | 1.3.7.1.x |
icecast / icecast | 1.3.8 | 1.3.8.x |
icecast / icecast | 1.3.9 | 1.3.9.x |
icecast / icecast | 1.3.9.1 | 1.3.9.1.x |
icecast / icecast | 1.3.9.2 | 1.3.9.2.x |