CVE-2026-50235
Status: Deferred - Pending Action
Reflected XSS in Lyrion Music Server Search Parameters

Publication date: 2026-06-05

Last updated on: 2026-06-05

Assigner: VulnCheck

Description
Lyrion Music Server 9.2.0 contains a reflected cross-site scripting vulnerability in its advanced search parameters: user-supplied values are echoed back into the search form without proper output encoding. An attacker who gets a user to open a crafted search URL can inject script through the unfiltered parameters, execute arbitrary JavaScript in that user's browser and steal session information.
Meta Information
Published: 2026-06-05
Last Modified: 2026-06-05
Generated: 2026-06-05
AI Q&A: 2026-06-05
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 1 associated CPE
Vendor | Product | Version / Range
lyrion | music_server | 9.2.0
CWE
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-50235 is a reflected cross-site scripting (XSS) vulnerability in Lyrion Music Server version 9.2.0. The issue occurs because values submitted through the advanced search parameters are written back into the search form without being encoded for the HTML context they land in.

Because the flaw is reflected rather than stored, the attacker must get a victim to open a crafted search URL (for example through a link in a message or on another site). The script carried in the URL's search parameters is then echoed into the page and executes in the victim's browser.

As a result, attackers can steal session information or perform other actions within the context of the affected user's browser session on the Lyrion server.


How can this vulnerability impact me?

This vulnerability can impact you by allowing attackers to execute arbitrary JavaScript in your browser when you use the affected search functionality.

  • Attackers can steal your session information, potentially leading to unauthorized access to your account.
  • Malicious scripts could perform actions on your behalf or manipulate the content you see.
  • It may lead to a loss of trust in the affected application due to security risks.

How can this vulnerability be detected on my network or system? Can you suggest some commands?

The vulnerability in Lyrion Music Server 9.2.0 is a reflected cross-site scripting (XSS) issue in the advanced search parameters where user input is not properly sanitized.

Detection typically involves confirming the installed version (the advisory names 9.2.0) and then testing the advanced search parameters by injecting a harmless marker into the search form and observing whether the input is reflected unencoded in the response.

For example, you can use curl or a browser-based tool to send a request with a script tag in the search parameter and check whether the response body contains the injected string unencoded. The advisory does not name the exact endpoint or parameter, so [target], /search and search below are placeholders to replace with the server's real advanced-search URL and field name; curl does not execute JavaScript, so the check is on the raw HTML, not on a pop-up.

  • curl -G --data-urlencode "search=<script>alert('XSS')</script>" "http://[target]/search" | grep -F "<script>alert('XSS')</script>"
  • A match means the tag came back verbatim (vulnerable); if the response only contains the encoded form &lt;script&gt;alert('XSS')&lt;/script&gt;, the input was neutralized for that context.
  • Use browser developer tools to manually input script tags in the advanced search form and observe whether the script executes or appears unencoded in the page source.

What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include avoiding the use of the vulnerable advanced search parameters until a patch is applied, and not exposing the Lyrion web interface directly to the internet: reflected XSS needs a victim to open an attacker-crafted link, so limiting who can reach the server limits who can be targeted.

Additionally, you can implement web application firewall (WAF) rules to block requests containing suspicious script tags or typical XSS payloads targeting the search parameters. Treat this as a stopgap only; signature-based rules are routinely bypassed with alternative encodings and event-handler payloads that contain no script tag at all.

Ensure users are aware of the risk and avoid following suspicious links to the server that might exploit this vulnerability.

Ultimately, apply any official patches or updates provided by the vendor once available; at the time of this entry the advisory does not name a fixed version.
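The reflection check from the detection answer and the output-encoding fix implied by the mitigation answer, worked through together as an added example. This is not code from the advisory or from the Lyrion project: the endpoint path /search, the parameter name search, the port 9000 and the two toy form renderers are hypothetical stand-ins, because the page does not show Lyrion's real templates. The detector sends a marker-wrapped canary and classifies how it comes back, which distinguishes the CWE-79 condition (specials reflected raw) from a correctly encoded reflection, a truncated one, and no reflection at all.

```python
"""Reflection check for a suspected reflected-XSS parameter (added example)."""
import html
import re
from urllib.parse import urlencode

# Constructed canary: a distinctive marker on both sides of the four characters
# that must be encoded in HTML text/attribute context. The markers let us find
# the reflection in a large page; the specials tell us whether it was encoded.
MARK = "qzx7c4n4ry"
SPECIALS = '<>"\''
CANARY = f"{MARK}{SPECIALS}{MARK}"


def build_probe_url(base_url: str, param: str) -> str:
    """GET probe URL with the canary URL-encoded into the chosen parameter.

    base_url and param are assumptions; use the server's real search URL/field.
    """
    return f"{base_url}?{urlencode({param: CANARY})}"


def classify_reflection(body: str) -> str:
    """Classify how the canary came back in a response body.

    'raw'       - specials reflected unencoded: the CWE-79 condition.
    'encoded'   - both markers present, every special neutralised.
    'truncated' - only one marker survived (input cut or partly filtered).
    'absent'    - the parameter is not reflected at all.
    """
    hits = body.count(MARK)
    if hits == 0:
        return "absent"
    if hits == 1:
        return "truncated"
    between = re.search(re.escape(MARK) + r"(.*?)" + re.escape(MARK),
                        body, re.DOTALL).group(1)
    return "raw" if any(c in between for c in SPECIALS) else "encoded"


def render_search_form_vulnerable(query: str) -> str:
    """Hypothetical renderer reproducing the pattern the advisory describes:
    the submitted query is written back into the form's value attribute
    verbatim, so a double quote in the input closes the attribute."""
    return f'<form action="/search"><input name="search" value="{query}"></form>'


def render_search_form_hardened(query: str) -> str:
    """Same form with contextual output encoding (the generic CWE-79 fix):
    html.escape with quote=True encodes < > & " and ', so the value can
    never break out of the attribute."""
    return (f'<form action="/search"><input name="search" '
            f'value="{html.escape(query, quote=True)}"></form>')


def probe_live(url: str, timeout: float = 5.0) -> str:
    """Fetch a probe URL and classify the body. Only against a host you are
    authorised to test."""
    from urllib.request import urlopen
    with urlopen(url, timeout=timeout) as resp:
        charset = resp.headers.get_content_charset() or "utf-8"
        body = resp.read().decode(charset, "replace")
    return classify_reflection(body)


if __name__ == "__main__":
    # Assumed default Lyrion web port 9000 and hypothetical endpoint/parameter.
    print(build_probe_url("http://127.0.0.1:9000/search", "search"))
    for name, render in (("vulnerable", render_search_form_vulnerable),
                         ("hardened", render_search_form_hardened)):
        print(f"{name}: {classify_reflection(render(CANARY))}")
```

The canary deliberately contains no script tag: the goal is to learn whether the four context-breaking characters survive encoding, which a WAF is far less likely to block than a literal <script>, and which is sufficient evidence of CWE-79 without running any payload. Run probe_live against the printed URL (with the real path and parameter substituted) and a result of "raw" confirms the advisory's condition for that endpoint.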


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows attackers to execute arbitrary JavaScript in users' browsers and steal session information by exploiting reflected cross-site scripting in search parameters.

Such unauthorized access to session information could lead to exposure of personal data, which may impact compliance with data protection regulations like GDPR and HIPAA that require safeguarding user data and preventing unauthorized access.

However, the provided information does not explicitly discuss the direct impact on compliance with these standards.

