Executive Summary

CVE-2026-50235 is a reflected cross-site scripting (XSS) vulnerability found in Lyrion Music Server version 9.2.0. The issue occurs because the advanced search parameters do not properly sanitize user input before displaying it in search forms.

This allows attackers to inject malicious scripts into the search parameters, which then execute arbitrary JavaScript in the browsers of users who view the search results.

As a result, attackers can steal session information or perform other malicious actions within the context of the affected user's browser.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can impact you by allowing attackers to execute arbitrary JavaScript in your browser when you use the affected search functionality.

• Attackers can steal your session information, potentially leading to unauthorized access to your account.
• Malicious scripts could perform actions on your behalf or manipulate the content you see.
• It may lead to a loss of trust in the affected application due to security risks.

Useful 0 Not Useful 0

Detection Guidance

The vulnerability in Lyrion Music Server 9.2.0 is a reflected cross-site scripting (XSS) issue in the advanced search parameters where user input is not properly sanitized.

Detection typically involves testing the search parameters by injecting common XSS payloads into the search form and observing if the input is reflected unsanitized in the response.

For example, you can use curl or a browser-based tool to send a request with a script tag in the search parameter and check if the response contains the injected script.

• curl -G --data-urlencode "search=<script>alert('XSS')</script>" http://[target]/search
• Use browser developer tools to manually input script tags in the advanced search form and observe if the script executes or appears in the page source.

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include avoiding the use of the vulnerable advanced search parameters until a patch is applied.

Additionally, you can implement web application firewall (WAF) rules to block requests containing suspicious script tags or typical XSS payloads targeting the search parameters.

Ensure users are aware of the risk and avoid clicking on suspicious links that might exploit this vulnerability.

Ultimately, apply any official patches or updates provided by the vendor once available.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability allows attackers to execute arbitrary JavaScript in users' browsers and steal session information by exploiting reflected cross-site scripting in search parameters.

Such unauthorized access to session information could lead to exposure of personal data, which may impact compliance with data protection regulations like GDPR and HIPAA that require safeguarding user data and preventing unauthorized access.

However, the provided information does not explicitly discuss the direct impact on compliance with these standards.

Useful 0 Not Useful 0