3 matches found
CVE-2017-9413
CVE-2017-9413 affects Subsonic 6.1.1 via CSRF in the Podcast feature. The vulnerability allows an attacker to hijack the authentication of users for actions such as subscribing to a podcast (podcastReceiverAdmin.view) or altering Internet Radio Settings (networkSettings.view with urlRedirectCusto...
Subsonic 6.1.1 - Server-Side Request Forgery
Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SUBSONIC-CSRF-SERVER-SIDE-REQUEST-FORGERY.txt + ISR: ApparitionSec Vendor: ================ www.subsonic.org Product: =============== subsonic v6.1.1 Subsonic is a media...
Subsonic 6.1.1 Server Side Request Forgery
Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SUBSONIC-CSRF-SERVER-SIDE-REQUEST-FORGERY.txt + ISR: ApparitionSec Vendor: ================ www.subsonic.org Product: =============== subsonic v6.1.1 Subsonic is a media...