CVE-2011-1158

Name of the Vulnerable Software and Affected Versions Universal Feed Parser versions 5.x before 5.0.1

Description A cross-site scripting issue exists due to an unexpected URI scheme, allowing remote attackers to inject arbitrary web script or HTML, as demonstrated by a javascript: URI.

Recommendations For versions prior to 5.0.1, update to version 5.0.1 or later to resolve the issue.