lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Sep 2007 15:02:28 +0200 From: "Guy Mizrahi" <guy@...king.org.il> To: <bugtraq@...urityfocus.com> Subject: feedreader3 has XSS vulnerability Hello, I have found that feedreader3 has XSS vulnerability in its internal browser. When I post a script into wordpress( like <script>alert("XSS")</script>, the RSS feed in the internal browser is vulnerable and show an alert box. POC movie here: http://www.hacking.org.il/demos/feedreader3.wmv Guy Mizrahi (ZuLL) Hebrew blog: http://www.hacking.org.il