VYPR

Media Server

by Logitech

CVEs (3)

  • CVE-2017-15687MedOct 23, 2017
    risk 0.43cvss 6.1epss 0.01

    DOM Based Cross Site Scripting (XSS) exists in Logitech Media Server 7.7.1, 7.7.2, 7.7.3, 7.7.5, 7.7.6, 7.9.0, and 7.9.1 via a crafted URI.

  • CVE-2017-16568MedNov 10, 2017
    risk 0.38cvss 5.4epss 0.02

    Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Radio" functionality. This vulnerability allows attackers to inject malicious JavaScript payloads, which become permanently stored on the server and execute when a user plays the…

  • CVE-2017-16567MedNov 10, 2017
    risk 0.38cvss 5.4epss 0.02

    Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Favorites" feature. This vulnerability allows remote attackers to inject and permanently store malicious JavaScript payloads, which are executed when users access the affected…