Hello, your friendly upstream here. We just released Icecast 2.3.3 which addresses this issue. Also for the record. It's fairly easy to spot those injection attempts by looking at the Icecast access log. Cheers Thomas