CVE-2010-1778
Cross-site scripting (XSS) vulnerability in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via an RSS feed.
Date published : 2010-07-30
http://lists.apple.com/archives/security-announce/2010//Jul/msg00001.html