Details
Vendor Site: Avant browser (www.avantbrowser.com)
Date: December, 5 2012 – CVE (TBA)
Affected Software: Avant Browser Ultimate 2012 Build 28 and potentially previous versions
Status: Unpatched
Researcher: Roberto Suggi Liverani - @malerisch
PDF version: Avant_multiple_vulnerabilities_advisory.pdf
Stored Cross Site Scripting - Feed Reader (browser://localhost/lst?*)
A malicious user can inject and store arbitrary JavaScript/HTML code via multiple RSS feed elements. Vulnerable elements are the following:
<title> element:JavaScript injection using HTML encoded payload<link> element:JavaScript injection using javascript: pseudouri ( this is rendered in about:blank zone.)<description> element: JavaScript injection using HTML encoded payload The following table shows an example of malicious RSS feed:
<?xml version='1.0' encoding="ISO-8859-1"?>
<rss version='2.0'>
<channel>
<description>Malerisch.net</description>
<…
Vendor Site: Avant browser (www.avantbrowser.com)
Date: December, 5 2012 – CVE (TBA)
Affected Software: Avant Browser Ultimate 2012 Build 28 and potentially previous versions
Status: Unpatched
Researcher: Roberto Suggi Liverani - @malerisch
PDF version: Avant_multiple_vulnerabilities_advisory.pdf
Stored Cross Site Scripting - Feed Reader (browser://localhost/lst?*)
A malicious user can inject and store arbitrary JavaScript/HTML code via multiple RSS feed elements. Vulnerable elements are the following:
<title> element:JavaScript injection using HTML encoded payload<link> element:JavaScript injection using javascript: pseudouri ( this is rendered in about:blank zone.)<description> element: JavaScript injection using HTML encoded payload The following table shows an example of malicious RSS feed:
<?xml version='1.0' encoding="ISO-8859-1"?>
<rss version='2.0'>
<channel>
<description>Malerisch.net</description>
<…