Shout is an IRC client. Because the /topic command in messages is unescaped, attackers have the ability to inject HTML scripts that will run in the victim's browser. Affects shout >=0.44.0 <=0.49.3.
/topic
{ "versions": [ { "introduced": "0.44.0" }, { "fixed": "0.50.0" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16043.json"