bug of script injection in shoutcast servers

[mantasjadzevicius () vecro lt]

Vulnerable Systems:
All shoutcast servers!!

I found an error in shoutcast server.
 Then I'm connecting to the server I type in the DJ columns( you can type in all columns) for exmple script pvz.:
<script>alert("boo");</script>
<script>location.href="google.com";</script>
or else...
So then you go to http://radio.com:port and will be executed script.



Mantas Jadzevi&#269;ius a.k.a UZUZZ
mantasjadzevicius () vecro lt
irc: irc.data.lt #security
2006