Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Ampache Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2024-51490 - Vulnerability Database
Ampache

Ampache Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2024-51490

Critical
Reference: CVE-2024-51490
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-51490
Title: Ampache Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

Ampache is a web based audio/video streaming application and file manager. This vulnerability exists in the interface section of the Ampache menu where users can change quotCustom URL - Logoquot. This section is not properly sanitized allowing for the input of strings that can execute JavaScript. This issue has been addressed in version 7.0.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.