Flock Browser RSS Feed Cross Site Scripting Vulnerability Network Vulnerability

Summary

This host is installed with Flock browser and is prone to cross site scripting vulnerability.

Impact

Successful exploitation will allow attackers to execute HTML code in the context of the affected browser, bypass the same-origin protection and obtain potentially sensitive information. Impact Level: Application

Solution

Upgrade to the Flock version 3.0.0.4114 For updates refer to http://www.flock.com/

Insight

The flaw is due to the improper validation of user-supplied input when processing RSS feeds.

Affected

Flock versions 3.0 to 3.0.0.4113

References

http://www.securityfocus.com/archive/1/archive/1/513701/100/0/threaded
http://xforce.iss.net/xforce/xfdb/61820

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3262

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apple iTunes Tutorials Window Security Bypass Vulnerability (Windows)
Apple Safari 'Webkit' Multiple Vulnerabilities -01 Feb15 (Mac OS X)
Apple Safari 'Webkit' Information Disclosure Vulnerability (Win)
Apache /server-info accessible
Adobe Reader Multiple Vulnerabilities - Aug07 (Linux)

Flock Browser RSS Feed Cross site scripting Vulnerability

Take action and discover your vulnerabilities