Subsonic cross-site scripting vulnerability (CNVD-2018-20097)
Subsonic is a media file hosting platform developed and maintained by software developer Sindre Mehus. A cross-site scripting vulnerability exists in generalSettings in Subsonic version 6.1.1. A remote attacker can exploit this vulnerability by sending the 'title' and 'subtitle' parameters to the...