Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 allows remote attackers with knowledge of the target username to hijack the authentication of users for requests that change passwords via a crafted request to userSettings.view.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Subsonic 跨站请求伪造漏洞
Vulnerability Description
Subsonic是软件开发者Sindre Mehus开发和维护的一个媒体文件托管平台。 Subsonic 6.1.1版本中存在跨站请求伪造漏洞。远程攻击者可通过向userSettings.view文件发送特制的请求利用该漏洞更改密码。
CVSS Information
N/A
Vulnerability Type
N/A