CVE-2018-14688
CVE-2018-14688 affects Subsonic 6.1.1. Three stored XSS vulnerabilities exist in the radio settings inputs name[x], streamUrl[x], and homepageUrl[x] that are sent to internetRadioSettings.view, enabling an attacker to steal session information. Publicly documented details in CNVD-2018-19874 and C...