An issue exists in Subsonic 6.1.1. The general settings are affected by two stored cross-site scripting vulnerabilities in the title and subtitle parameters to generalSettings.view that could be used to steal session information of a victim.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
subsonic subsonic 6.1.1 |