feedreader3 has XSS vulnerability

看板Bugtraq作者guy.時間18年前 (2007/09/29 00:22)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串1/1

Hello, I have found that feedreader3 has XSS vulnerability in its internal browser. When I post a script into wordpress( like <script>alert("XSS")</script>, the RSS feed in the internal browser is vulnerable and show an alert box. POC movie here: http://www.hacking.org.il/demos/feedreader3.wmv Guy Mizrahi (ZuLL) Hebrew blog: http://www.hacking.org.il