5.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.008 Low
EPSS
Percentile
81.7%
Multiple cross-site scripting (XSS) vulnerabilities in NewsGator FeedDemon before 2.0.0.25 allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite.
CPE | Name | Operator | Version |
---|---|---|---|
newsgator:feeddemon | newsgator feeddemon | le | 2.0.0.24 |
nick.typepad.com/blog/2006/08/ann_feeddemon_2.html
nick.typepad.com/blog/2006/08/feed_security_a_1.html
secunia.com/advisories/21995
www.cgisecurity.com/papers/RSS-Security.ppt
www.securityfocus.com/bid/20114
www.snellspace.com/wp/?p=426
www.snellspace.com/wp/?p=448
www.vupen.com/english/advisories/2006/3686
exchange.xforce.ibmcloud.com/vulnerabilities/29047