« Forging HTTP request headers with Flash | Main | Feed Injection in Web 2.0: Hacking RSS and Atom Feed Implementations »

RSS and Atom Security risks whitepaper is out!

I started researching RSS and Atom feed vulns last September but got distracted for 6 months or so with work/life. I've written a basic paper discussing the issues relating to Cross Site Scripting and web based feeds. I cover the risks associated with the following types of readers:

* Web Based Readers (such as bloglines)
* Local Readers (Such as your web browser, or stand alone feed reader)
* Websites using feed content directly on their own website
* Websites using feed content and merging it into their own feed

I'll be at blackhat this week so story updates will be a little slow.

Article Link: http://www.cgisecurity.com/papers/HackingFeeds.pdf


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!

Post a comment

Remember personal info?