[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

feedreader3 has XSS vulnerability

To: <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: feedreader3 has XSS vulnerability
From: "Guy Mizrahi" <guy@xxxxxxxxxxxxxx>
Date: Fri, 28 Sep 2007 15:02:28 +0200

Hello,

I have found that feedreader3 has XSS vulnerability in its internal browser.

When I post a script into wordpress( like <script>alert("XSS")</script>, theRSS feed in the internal browser is vulnerable and show an alert box.

POC movie here:
http://www.hacking.org.il/demos/feedreader3.wmv

Guy Mizrahi (ZuLL)

Hebrew blog: http://www.hacking.org.il

Prev by Date: Owning Big Brother: How to Crack into Axis IP cameras
Next by Date: Re: 0trace - traceroute on established connections
Previous by thread: Owning Big Brother: How to Crack into Axis IP cameras
Next by thread: Re: 0trace - traceroute on established connections
Index(es):
- Date
- Thread