CVE-2006-0389
Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds.
Date published : 2006-03-03
http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html