CVE-2017-20219

Name of the Vulnerable Software and Affected Versions Serviio PRO version 1.8

Description Serviio PRO 1.8 DLNA Media Streaming Server contains a DOM-based cross-site scripting issue that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads. Attackers can craft URLs with malicious input that is read from document.location and passed to document.write() in the mediabrowser component, leading to code execution within a user's browser context.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.