CVE-2026-50232
Stored XSS in Lyrion Music Server via Metadata Tags
Publication date: 2026-06-05
Last updated on: 2026-06-05
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| lyrion | music_server | 9.2.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-50232 is a stored cross-site scripting (XSS) vulnerability in Lyrion Music Server version 9.2.0. It allows attackers to inject malicious scripts into media file metadata tags such as GENRE, ARTIST, and ALBUM.
When users view track information or play these files through the web interface, the malicious scripts execute, potentially compromising the security of the application.
How can this vulnerability impact me? :
This vulnerability can allow attackers to execute malicious scripts in the context of the web interface, which may lead to unauthorized access to management functions and disclosure of sensitive settings.
Such access could enable attackers to manipulate the server's configuration or gain further control over the system, posing a moderate to high security risk.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves inspecting media files for malicious scripts embedded in metadata tags such as GENRE, ARTIST, and ALBUM.
One approach is to extract metadata from media files and review them for suspicious or script-like content.
- Use tools like 'ffprobe' or 'exiftool' to extract metadata from media files. For example:
- ffprobe -v quiet -show_entries format_tags=GENRE,ARTIST,ALBUM -of default=noprint_wrappers=1:nokey=1 <mediafile>
- exiftool -GENRE -ARTIST -ALBUM <mediafile>
Review the extracted metadata for any suspicious scripts or unusual characters that could indicate an XSS payload.
Additionally, monitor web interface logs for unexpected script execution or unusual access patterns when users view or play media files.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding the use of untrusted media files with potentially malicious metadata.
Implement input validation and sanitization on metadata fields to neutralize any embedded scripts before rendering them in the web interface.
Restrict user permissions to limit access to management functions and sensitive settings in case of exploitation.
Monitor and update the Lyrion Music Server to the latest version once a patch addressing this vulnerability is released.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the stored cross-site scripting vulnerability in Lyrion Music Server 9.2.0 affects compliance with common standards and regulations such as GDPR or HIPAA.