In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Cross-site Scripting (XSS) vulnerabilities in an interactive lesson.
Start learningUpgrade org.airsonic.player:airsonic-main
to version 10.3.0 or higher.
org.airsonic.player:airsonic-main is a media server that can be used to stream multiple players simultaneously.
Affected versions of this package are vulnerable to Cross-site Scripting (XSS)
due to not escaping avatar names within avatarUploadResult.jsp
.