CVE-2006-4710
CVE-2006-4710
Multiple cross-site scripting (XSS) vulnerabilities in NewsGator FeedDemon before 2.0.0.25 allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://nick.typepad.com/blog/2006/08/ann_feeddemon_2.htmlhttp://nick.typepad.com/blog/2006/08/feed_security_a_1.htmlhttp://secunia.com/advisories/21995https://exchange.xforce.ibmcloud.com/vulnerabilities/29047http://www.cgisecurity.com/papers/RSS-Security.ppthttp://www.securityfocus.com/bid/20114http://www.snellspace.com/wp/?p=426http://www.snellspace.com/wp/?p=448http://www.vupen.com/english/advisories/2006/3686