GHSA-8q6q-m837-fv64: Koel has SSRF through Authenticated Subsonic podcast feed URLs
Koel versions prior to 9.7.0 contain a server-side request forgery (SSRF) vulnerability in the Subsonic createPodcastChannel.view endpoint. An authenticated user can supply a podcast feed URL that…
Read the full article2d agoen
Comments
Sign in to join the conversation.
No comments yet. Be the first.