CVE-2026-50230 in Lyrion Music Serverinfo

Summary

by MITRE • 06/05/2026

Lyrion Music Server 9.2.0 contains an unauthenticated reflected cross-site scripting vulnerability in the server.log endpoint that allows attackers to inject arbitrary HTML and JavaScript code through the search parameter. Attackers can craft malicious URLs with JavaScript payloads in the search parameter to execute code in users' browsers within the context of the affected application.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

VulnCheck

Reservation

06/04/2026

Disclosure

06/05/2026

Moderation

accepted

Entry

VDB-368929

CPE

ready

CWE

CWE-79 (confirmed)

CVSS

6.1 (CNA)

EPSS

0.00000

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-50230
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-50230
CVE Details	https://www.cvedetails.com/cve/CVE-2026-50230/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!