Cross-site scripting (XSS) vulnerability in FeedDemon before 4.0, when the feed preview option is enabled, allows remote attackers to inject arbitrary web script or HTML via a feed.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| newsgator | feeddemon | 2.7 |
| newsgator | feeddemon | * |
| newsgator | feeddemon | 2.0.0.24 |
| newsgator | feeddemon | 2.6.1.4 |
| newsgator | feeddemon | 2.6 |
| newsgator | feeddemon | 2 |
| newsgator | feeddemon | 2.6.1.5 |