2 matches found
CVE-2007-0896
Cross-site scripting XSS vulnerability in the 1 Sage before 1.3.10, and 2 Sage++ extensions for Firefox, allows remote attackers to inject arbitrary web script or HTML via a "SCRIPT/=''SRC='" sequence in an RSS feed, a different vulnerability than CVE-2006-4712...
CVE-2007-0896
CVE-2007-0896 affects Sage before 1.3.10 and Sage++ extensions for Firefox. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary script or HTML via a <SCRIPT/=''SRC=' sequence in an RSS feed. Supported sources classify the issue as active hist...