Shout · Shout · CVE-2017-16043
Name of the Vulnerable Software and Affected Versions:
Shout versions 0.44.0 through 0.49.3
Description:
The issue concerns the `/topic` command in messages, which is not properly escaped, allowing attackers to inject HTML scripts. This can lead to cross-site scripting, where the injected scripts run in the victim's browser.
Recommendations:
Update to version 0.50.0 or later.