|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
feedreader3 has XSS vulnerability
From: Guy Mizrahi (guy
hacking.org.il)
Date: Fri Sep 28 2007 - 08:02:28 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
I have found that feedreader3 has XSS vulnerability in its internal browser.
When I post a script into wordpress( like <script>alert("XSS")</script>, the
RSS feed in the internal browser is vulnerable and show an alert box.
POC movie here:
http://www.hacking.org.il/demos/feedreader3.wmv
Guy Mizrahi (ZuLL)
Hebrew blog: http://www.hacking.org.il
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]