CVE-2007-6102

Feed to JavaScript 1.91 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Feed to JavaScript (Feed2JS) 1.91 allows remote attackers to inject arbitrary web script or HTML via a URL in a feed.

References (6)

[Third Party Advisory] http://jvn.jp/jp/JVN%2333218020/index.html

[Vendor Advisory] http://secunia.com/advisories/27749

[Various Sources] http://eduforge.org/forum/forum.php?forum_id=1227

[Various Sources] http://www.ipa.go.jp/security/vuln/documents/2007/JVN_33218020.html

[Third Party Advisory, VDB Entry] http://osvdb.org/38870

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/3961

Scores

EPSS 0.0051

EPSS Percentile 66.0%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

feed2js/feed2js

Timeline

Published Nov 23, 2007

Tracked Since Feb 18, 2026