CVE-2018-14689
Subsonic 6.1.1 is affected by five stored cross‑site scripting vulnerabilities in transcodingSettings.view parameters (name[x], sourceformats[x], targetFormat[x], step1[x], step2[x]). Impact: potential to steal session information of a victim. Root cause: stored XSS in the transcoding settings. A...