diff --git a/client/pages/share/_slug.vue b/client/pages/share/_slug.vue
index 64c099632..fdcbbe500 100644
--- a/client/pages/share/_slug.vue
+++ b/client/pages/share/_slug.vue
@@ -364,6 +364,7 @@ export default {
     }
 
     const startTime = this.playbackSession.currentTime || 0
+
     this.localAudioPlayer.set(null, this.audioTracks, false, startTime, false)
     this.localAudioPlayer.on('stateChange', this.playerStateChange.bind(this))
     this.localAudioPlayer.on('timeupdate', this.playerTimeUpdate.bind(this))
diff --git a/server/controllers/ShareController.js b/server/controllers/ShareController.js
index 3e7ea1deb..73da84a8a 100644
--- a/server/controllers/ShareController.js
+++ b/server/controllers/ShareController.js
@@ -53,6 +53,10 @@ class ShareController {
       if (playbackSession) {
         if (mediaItemShare.id === playbackSession.mediaItemShareId) {
           Logger.debug(`[ShareController] Found share playback session ${req.cookies.share_session_id}`)
+          // If ?t was provided, override the cached currentTime
+          if (startTime > 0 && startTime < playbackSession.duration) {
+            playbackSession.currentTime = startTime
+          }
           mediaItemShare.playbackSession = playbackSession.toJSONForClient()
           return res.json(mediaItemShare)
         } else {
diff --git a/server/utils/ffmpegHelpers.js b/server/utils/ffmpegHelpers.js
index 80832cc77..7ad2a3aee 100644
--- a/server/utils/ffmpegHelpers.js
+++ b/server/utils/ffmpegHelpers.js
@@ -1,4 +1,5 @@
 const axios = require('axios')
+const ssrfFilter = require('ssrf-req-filter')
 const Ffmpeg = require('../libs/fluentFfmpeg')
 const ffmpgegUtils = require('../libs/fluentFfmpeg/utils')
 const fs = require('../libs/fsExtra')
@@ -97,6 +98,8 @@ async function resizeImage(filePath, outputPath, width, height) {
 module.exports.resizeImage = resizeImage
 
 /**
+ * Download podcast episode
+ * Uses SSRF filter to prevent internal URLs
  *
  * @param {import('../objects/PodcastEpisodeDownload')} podcastEpisodeDownload
  * @returns {Promise<{success: boolean, isRequestError?: boolean}>}
@@ -121,7 +124,9 @@ module.exports.downloadPodcastEpisode = (podcastEpisodeDownload) => {
             Accept: '*/*',
             'User-Agent': userAgent
           },
-          timeout: global.PodcastDownloadTimeout
+          timeout: global.PodcastDownloadTimeout,
+          httpAgent: global.DisableSsrfRequestFilter?.(podcastEpisodeDownload.url) ? null : ssrfFilter(podcastEpisodeDownload.url),
+          httpsAgent: global.DisableSsrfRequestFilter?.(podcastEpisodeDownload.url) ? null : ssrfFilter(podcastEpisodeDownload.url)
         })
 
         Logger.debug(`[ffmpegHelpers] Successfully connected with User-Agent: ${userAgent}`)