{"description":"Firefox Sage Extension RSS Feed Script Insertion Vulnerability - Advisories - Secunia Cross Context Scripting with Sage - GNUCITIZEN Taken SPC : Sage \u306b\u672a\u30d1\u30c3\u30c1\u306e XSS \u8106\u5f31\u6027 PoC \u3082\u3042\u308a\u3002\u3080\u30fc\u3002file:// \u3067\u30b9\u30af\u30ea\u30d7\u30c8\u304c\u52d5\u304f\u306e\u306f\u60b2\u3057\u3044\u306a\u3041\u3002\u3068\u308a\u3042\u3048\u305a\u3001\u300c\u30b3\u30f3\u30c6\u30f3\u30c4\u30a8\u30ea\u30a2\u306b\u30d5\u30a3\u30fc\u30c9\u3092\u8aad\u307f\u8fbc\u3080\u300d\u3092\u7121\u52b9\u306b\u3057\u3066\u308b\u3068\u5927\u4e08\u592b\u3063\u307d\u3044\u3002 \u3069\u3046\u3067\u3082\u3044\u3044\u3051\u3069\u3001RSS \u306b\u5bfe\u3059\u308b\u30b9\u30af\u30ea\u30d7\u30c8\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u3092 XSS \u3068\u3044\u3046\u306e\u306f\u3059\u3054\u304f\u9055\u548c\u611f\u304c\u3042\u308b\u4eca\u65e5\u3053\u306e\u9803\u3002","version":"1.0","provider_url":"https://hatena.blog","type":"rich","title":" Firefox \u7528\u5b9a\u756aRSS\u30ea\u30fc\u30c0 Sage \u306b\u304a\u3051\u308b RSS Script Injection","width":"100%","provider_name":"Hatena Blog","blog_title":"\u8449\u3063\u3071\u65e5\u8a18","image_url":null,"author_name":"hasegawayosuke","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fhasegawa.hatenablog.com%2Fentry%2F20060915%2Fp2\" title=\" Firefox \u7528\u5b9a\u756aRSS\u30ea\u30fc\u30c0 Sage \u306b\u304a\u3051\u308b RSS Script Injection - \u8449\u3063\u3071\u65e5\u8a18\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","published":"2006-09-15 00:00:02","url":"https://hasegawa.hatenablog.com/entry/20060915/p2","author_url":"https://blog.hatena.ne.jp/hasegawayosuke/","blog_url":"https://hasegawa.hatenablog.com/","categories":["SECURITY","Firefox"],"height":"190"}