Homepage

malojaserver@2.9.2 vulnerabilities

Self-hosted music scrobble database

  • latest version

    3.2.4

  • latest non vulnerable version

    3.2.4

  • first published

    5 years ago

  • latest version published

    1 months ago

  • licenses detected

  • View malojaserver package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the malojaserver package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Cross-site Scripting (XSS)

    malojaserver is a Self-hosted music scrobble database

    Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the error page mechanism. An attacker can execute unauthorized scripts in the user's browser context by sending a crafted URL that includes malicious HTML content. This is only exploitable if the user visits a malicious link pointing to the affected server.

    How to fix Cross-site Scripting (XSS)?

    Upgrade malojaserver to version 3.2.2 or higher.

    [,3.2.2)
    Go back to all versions of this package