Remote attackers can abuse the "Subscribe to Podcast" feature of Subsonic 6.1.1 to store persistent XSS payloadsif an authenticated user clicks a malicious link or visits an attacker controlled webpage.
ccbff854c80967e2cd461d551d2bbb45860d52ba6f9974d2d72d5544d987a48b