High severity7.4NVD Advisory· Published Jun 7, 2017· Updated Jun 17, 2026
CVE-2017-9355
CVE-2017-9355
Description
XML external entity (XXE) vulnerability in the import playlist feature in Subsonic 6.1.1 might allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted XSPF playlist file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
3- hyp3rlinx.altervista.org/advisories/SUBSONIC-XML-EXTERNAL-ENITITY.txtnvdExploitThird Party Advisory
- packetstormsecurity.com/files/142795/Subsonic-6.1.1-XML-External-Entity-Attack.htmlnvdExploitThird Party Advisory
- www.exploit-db.com/exploits/42119/nvd
News mentions
0No linked articles in our index yet.