CVE-2013-4171
Apache Roller is affected by multiple XSS vulnerabilities in the search results templates for RSS/Atom feeds, affecting versions before 5.0.2. The issue allows remote attackers to inject arbitrary scripts/HTML. A fix is available in Roller 5.0.2 (vendor patch). If exploitation details are not dis...