CVE-2025-48163: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in LambertGroup SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support

High

VulnerabilityCVE-2025-48163cve cve-2025-48163 cwe-79

Published: Wed Aug 20 2025 (08/20/2025, 08:03:28 UTC)

Source: CVE Database V5

Vendor/Project: LambertGroup

Product: SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support allows Reflected XSS. This issue affects SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support: from n/a through 3.5.4.

Technical Details

Data Version: 5.1
Assigner Short Name: Patchstack
Date Reserved: 2025-05-15T18:02:16.098Z
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 68a584b3ad5a09ad0002e2b9

Added to database: 8/20/2025, 8:17:55 AM

Last updated: 8/20/2025, 8:17:55 AM

Related Threats

CVE-2025-55715: CWE-201 Insertion of Sensitive Information Into Sent Data in Themeisle Otter - Gutenberg Block

High

VulnerabilityWed Aug 20 2025

CVE-2025-54750: CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') in FunnelKit Funnel Builder by FunnelKit

High

VulnerabilityWed Aug 20 2025

CVE-2025-54735: CWE-266 Incorrect Privilege Assignment in Emraan Cheema CubeWP Framework

High

VulnerabilityWed Aug 20 2025

CVE-2025-54726: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Miguel Useche JS Archive List

Critical

VulnerabilityWed Aug 20 2025

CVE-2025-54713: CWE-288 Authentication Bypass Using an Alternate Path or Channel in magepeopleteam Taxi Booking Manager for WooCommerce

Critical

VulnerabilityWed Aug 20 2025

Actions

Please log in to the Console to use AI analysis features.

External Links

NVD Database MITRE CVE Reference 1 Search on Google

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

CVE-2025-48163: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in LambertGroup SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support

CVE-2025-48163: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in LambertGroup SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support

Description

Technical Details

Related Threats

CVE-2025-55715: CWE-201 Insertion of Sensitive Information Into Sent Data in Themeisle Otter - Gutenberg Block

CVE-2025-54750: CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') in FunnelKit Funnel Builder by FunnelKit

CVE-2025-54735: CWE-266 Incorrect Privilege Assignment in Emraan Cheema CubeWP Framework

CVE-2025-54726: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Miguel Useche JS Archive List

CVE-2025-54713: CWE-288 Authentication Bypass Using an Alternate Path or Channel in magepeopleteam Taxi Booking Manager for WooCommerce

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility