CVE-2006-4660

Name of the Vulnerable Software and Affected Versions AOL ICQ Toolbar version 1.3

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the RSS Feed module. These vulnerabilities allow remote attackers to execute arbitrary web script or HTML within the Feeds interface context. The attack can be carried out via the title and description elements within an item element in an RSS feed.

Recommendations For AOL ICQ Toolbar version 1.3, as a temporary workaround, consider disabling the RSS Feed module until a patch is available. Restrict access to the Feeds interface to minimize the risk of exploitation. Avoid using the title and description elements within RSS feeds in the affected module until the issue is resolved.