Unrated severityNVD Advisory· Published Jun 22, 2021· Updated Aug 3, 2024
Cross-site Scripting in Random.php
CVE-2021-32644
Description
Ampache is an open source web based audio/video streaming application and file manager. Due to a lack of input filtering versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. This issue has been resolved in 4.4.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- github.com/ampache/ampache/commit/c9453841e1b517a1660c3da1efd1fe5d623c93a5mitrex_refsource_MISC
- github.com/ampache/ampache/security/advisories/GHSA-vqpj-xgw2-r54qmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.