Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An XSS issue was discovered in Subsonic Media Server 6.1.1. The podcast subscription form is affected by a stored XSS vulnerability in the add parameter to podcastReceiverAdmin.view; no administrator access is required. By injecting a JavaScript payload, this flaw could be used to manipulate a user's session, or elevate privileges by targeting an administrative user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Subsonic Media Server 跨站脚本漏洞
Vulnerability Description
Subsonic Media Server是软件开发者Sindre Mehus开发和维护的一个媒体文件托管平台。 Subsonic Media Server 6.1.1版本中的podcast订阅表单存在跨站脚本漏洞。远程攻击者可通过向podcastReceiverAdmin.view文件发送‘add’参数利用该漏洞操纵用户会话或提升权限。
CVSS Information
N/A
Vulnerability Type
N/A