icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

SharpReader < 0.9.7.1 RSS Feed XSS

Medium

Synopsis

The remote host is vulnerable to an HTML Injection attack.

Description

The remote host is running SharpReader, a free RSS reader. SharpReader 0.9.7.0 and lower are reported to be vulnerable to flaws that would allow malicious RSS servers to execute malicious code via the SharpReader application.

Solution

Upgrade or patch according to vendor recommendations.