Unrated severityNVD Advisory· Published Mar 27, 2024· Updated Aug 29, 2024
Ampache Stored XSS
CVE-2024-28853
Description
Ampache is a web based audio/video streaming application and file manager. Stored Cross Site Scripting (XSS) vulnerability in ampache before v6.3.1 allows a remote attacker to execute code via a crafted payload to serval parameters in the post request of /preferences.php?action=admin_update_preferences. This vulnerability is fixed in 6.3.1.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- github.com/ampache/ampache/security/advisories/GHSA-prw2-7cr3-5mx8mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.