Name of the Vulnerable Software and Affected Versions Maloja versions prior to 3.2.2

Description The issue allows an attacker to execute a script on the user's machine inside the Maloja context, enabling them to perform authorized actions such as scrobbling or deleting scrobbles. This is a client-side exploit and does not affect the security of the server. The severity of the issue might be considered low due to the limited incentive to target scrobble data and the requirement for specific targeting, such as sending a user a link to their own server.

Recommendations For versions prior to 3.2.2, update to version 3.2.2 to resolve the issue.