Cross-site scripting (XSS) vulnerability in RSSOwl before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a feed, a different vulnerability than CVE-2006-4760.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| rssowl | rssowl | 2.0 |
| rssowl | rssowl | 2.0.5 |
| rssowl | rssowl | * |
| rssowl | rssowl | 2.0.2 |
| rssowl | rssowl | 2.0.1 |
| rssowl | rssowl | 2.0.3 |
| rssowl | rssowl | 2.0.6 |
| rssowl | rssowl | 2.0.4 |