XSS and Content Injection in HTC Windows Mobile SMS Preview PopUp
Date: 22.04.2010
– Description
Windows Mobile shows message previews if configured to do so. Due to missing input validation the contents of a sms is not properly sanitized and interpreted as it is. This can lead to content injection and xss.