25 Juil 2017
CVE-2017-9413 - CVE Vulnerability
Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a podcast via the add parameter to podcastReceiverAdmin.view or (2) update Interet Radio Settings via the urlRedirectCustomUrl parameter to networkSettings.view. NOTE: These vulnerabilities can be exploited to conduct server-side request forgery (SSRF) attacks. (CVSS:0.0) (Last Update:2017-07-25)
Vulnerability Details : Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a podcast via the add parameter to podcastReceiverAdmin.view or (2) update Interet Radio Settings via the urlRedirectCustomUrl parameter to networkSettings.view. NOTE: These vulnerabilities can be exploited to conduct server-side request forgery (SSRF) attacks. Publish Date : 2017-07-25 Last Update Date : 2017-07-25 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2017-9413
- References For CVE-2017-9413
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2017-9413There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |