CVE-2024-51486

Name of the Vulnerable Software and Affected Versions Ampache versions prior to 7.0.1

Description Ampache is a web-based audio/video streaming application and file manager. The issue exists in the interface section of the Ampache menu, where users can change the "Custom URL - Favicon". This section is not properly sanitized, allowing for the input of strings that can execute JavaScript.

Recommendations For versions prior to 7.0.1, upgrade to version 7.0.1 to resolve the issue. As a temporary workaround, consider restricting access to the "Custom URL - Favicon" section in the interface menu until the upgrade is applied.