devsnd/cherrymusic

Releases41

Frequency3 months 2 weeks

Last Release almost 2 years ago

Stars1.03K

Stream your own music collection to all your devices! The easy to use free and open-source music streaming server.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2015-8309 ↗	Mar 27, 2017Monday, 27 March 2017, 15:59	—	4 MEDIUM
Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."
CVE-2015-8310 ↗	Mar 27, 2017Monday, 27 March 2017, 15:59	—	3.5 LOW
Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist.