CVE-2004-0781

Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast internal web server (icecast-server) 1.3.12 and earlier allows remote attackers to inject arbitrary web script via the UserAgent parameter.

Published: Oct 20, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-0781
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
icecast / icecast	1.3.10	1.3.10.x
icecast / icecast	1.3.11	1.3.11.x
icecast / icecast	1.3.9.1	1.3.9.1.x
icecast / icecast	1.3.9.2	1.3.9.2.x
icecast / icecast	1.3.5	1.3.5.x
icecast / icecast	1.3.0	1.3.0.x
icecast / icecast	1.3.7.1	1.3.7.1.x
icecast / icecast	1.3.12	1.3.12.x
icecast / icecast	1.3.9	1.3.9.x
icecast / icecast	1.3.5.1	1.3.5.1.x
icecast / icecast	1.3.7	1.3.7.x
icecast / icecast	1.3.10.1	1.3.10.1.x
icecast / icecast	1.3.8	1.3.8.x

http://www.debian.org/security/2004/dsa-541
http://www.securityfocus.com/bid/11021
https://exchange.xforce.ibmcloud.com/vulnerabilities/17086

Vulnerability Database

289,697

CVE-2004-0781