VLC Web Interface Reflected XSS Vulnerability

The web interface for VLC version 2.1.3 suffers from a cross site scripting vulnerability. Using a specially crafted HTTP request, it is possible to exploit a lack in the neutralization of the error page output which includes the user submitted content. Successful exploitation of the vulnerability, results in the execution of arbitrary code in user's browser in the context of the vulnerable website through a Reflected XSS.