CVE-2026-50232
Deferred Deferred - Pending Action
Stored XSS in Lyrion Music Server via Metadata Tags

Publication date: 2026-06-05

Last updated on: 2026-06-08

Assigner: VulnCheck

Description
Lyrion Music Server 9.2.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through media file metadata tags like GENRE, ARTIST, and ALBUM. Attackers can craft files with XSS payloads in metadata tags that execute in the web interface when users view track information or play files, enabling access to management functions and settings disclosure.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-05
Last Modified
2026-06-08
Generated
2026-06-25
AI Q&A
2026-06-05
EPSS Evaluated
2026-06-24
NVD
CVE-2026-50232
EUVD
EUVD-2026-34831
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
lyrion music_server 9.2.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-50232 is a stored cross-site scripting (XSS) vulnerability in Lyrion Music Server version 9.2.0. It allows attackers to inject malicious scripts into media file metadata tags such as GENRE, ARTIST, and ALBUM.

When users view track information or play these files through the web interface, the malicious scripts execute, potentially compromising the security of the application.

Impact Analysis

This vulnerability can allow attackers to execute malicious scripts in the context of the web interface, which may lead to unauthorized access to management functions and disclosure of sensitive settings.

Such access could enable attackers to manipulate the server's configuration or gain further control over the system, posing a moderate to high security risk.

Detection Guidance

Detection of this vulnerability involves inspecting media files for malicious scripts embedded in metadata tags such as GENRE, ARTIST, and ALBUM.

One approach is to extract metadata from media files and review them for suspicious or script-like content.

  • Use tools like 'ffprobe' or 'exiftool' to extract metadata from media files. For example:
  • ffprobe -v quiet -show_entries format_tags=GENRE,ARTIST,ALBUM -of default=noprint_wrappers=1:nokey=1 <mediafile>
  • exiftool -GENRE -ARTIST -ALBUM <mediafile>

Review the extracted metadata for any suspicious scripts or unusual characters that could indicate an XSS payload.

Additionally, monitor web interface logs for unexpected script execution or unusual access patterns when users view or play media files.

Mitigation Strategies

Immediate mitigation steps include avoiding the use of untrusted media files with potentially malicious metadata.

Implement input validation and sanitization on metadata fields to neutralize any embedded scripts before rendering them in the web interface.

Restrict user permissions to limit access to management functions and sensitive settings in case of exploitation.

Monitor and update the Lyrion Music Server to the latest version once a patch addressing this vulnerability is released.

Compliance Impact

The provided information does not specify how the stored cross-site scripting vulnerability in Lyrion Music Server 9.2.0 affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-50232. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart