Uzuzz

**Name of the Vulnerable Software and Affected Versions** SHOUTcast version 1.9.5 **Description** The issue allows remote attackers to inject arbitrary HTML or web script via the DJ fields, including `Description`, `URL`, `Genre`, `AIM`, and `ICQ`. This can lead to cross-site scripting (XSS) attacks. **Recommendations** For SHOUTcast version 1.9.5, consider restricting input for the DJ fields `Description`, `URL`, `Genre`, `AIM`, and `ICQ` to prevent arbitrary HTML or web script injection until a patch is available.