CVE-2012-2634 - Unbaffled Errors

Description

Cross-site scripting (XSS) vulnerability in FeedDemon before 4.0 when the feed preview option is enabled allows remote attackers to inject arbitrary web script or HTML via a feed.

Reference

http://jvn.jp/en/jp/JVN18397171/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-000056