Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

feedreader3 has XSS vulnerability

From: "Guy Mizrahi" <guy () hacking org il>
Date: Fri, 28 Sep 2007 15:02:28 +0200
Hello,

I have found that feedreader3 has XSS vulnerability in its internal browser.
When I post a script into wordpress( like <script>alert("XSS")</script>, the RSS feed in the internal browser is vulnerable and show an alert box. 
POC movie here:
http://www.hacking.org.il/demos/feedreader3.wmv

Guy Mizrahi (ZuLL)
Hebrew blog: http://www.hacking.org.il
Previous By Date Next
Previous By Thread Next

Current thread: