Unrated severityNVD Advisory· Published Aug 22, 2019· Updated Aug 4, 2024
CVE-2019-12386
CVE-2019-12386
Description
An issue was discovered in Ampache through 3.9.1. A stored XSS exists in the localplay.php LocalPlay "add instance" functionality. The injected code is reflected in the instances menu. This vulnerability can be abused to force an admin to create a new privileged user whose credentials are known by the attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Ampache/Ampachedescription
Patches
Vulnerability mechanics
References
2- lists.debian.org/debian-lts-announce/2019/11/msg00008.htmlmitremailing-listx_refsource_MLIST
- www.tarlogic.com/en/blog/vulnerabilities-in-ampache/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.