CVE-2006-4761

Multiple cross-site scripting (XSS) vulnerabilities in Luke Hutteman SharpReader allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite.

Date published : 2006-09-13

http://www.securityfocus.com/bid/20128

http://www.cgisecurity.com/papers/RSS-Security.ppt