Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

OdysseySuite™ Internet Banking vuln.

Public Media Manager <= 1.3 Remote File Inclusion Vulnerability

From:	Guy Mizrahi <guy_(at)_hacking.org.il>
Date:	01.10.2007
Subject:	feedreader3 has XSS vulnerability

Hello,

I have found that feedreader3 has XSS vulnerability in its internal browser.
When I post a script into wordpress( like <script>alert("XSS")</script>, the
RSS feed in the internal browser is vulnerable and show an alert box.
POC movie here:
http://www.hacking.org.il/demos/feedreader3.wmv

Guy Mizrahi (ZuLL)
Hebrew blog: http://www.hacking.org.il