Gotham Digital Science discovered a critical information leakage vulnerability in the Jetty web server that allows an unauthenticated remote attacker to read arbitrary data from previous requests and responses submitted to the server by other users. Jetty versions 9.2.3 through 9.2.8 are affected. Proof of concept code included.
17f918c6ed7be55415f6475ca5befcbf2d795848bb2960612e998e54f15479d5
SHOUTcast version 1.9.8 suffers from a user-agent related cross site scripting vulnerability.
78ef0155f1f5cd68e8fc39a592bcf28c4b6f8891eeab746f720dd6ee8148e0ec