MidnightBSD

Advisories for magpierss

CVE-2005-3955 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, as used in (a) blogBuddiesv 0.3, (b) Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (2) rss_url parameter to (b) magpie_slashbox.php and (c) simple_smarty.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
blogbuddies blogbuddies 0.3
jaws jaws 0.6.2
magpierss magpierss 7.1