RSSOwl < 1.2.3 Atom Feed XSS
Medium Nessus Network Monitor Plugin ID 3746
SynopsisThe remote host is vulnerable to an HTML Injection attack.
DescriptionThe remote host is running RSSOwl, a free RSS reader. RSSOwl 1.2.2 (build 2006-08-27) and lower are reported vulnerable to flaws that would allow malicious RSS servers to execute malicious code via the RSSOwl application.
SolutionUpgrade to version 1.2.3 or higher.