I'm trying to encourage an organization to fix their RSS feed, which has numerous problems with the way quotes and tags in the source text are displayed in feed readers. I'd like to be able to tell them that their feed constitutes a security risk for readers, because I think that might get their attention.
Here are a few of the issues I've documented:
- spurious extended characters
- pieces of random HTML markup
- missing characters, including entire paragraphs at times
- quote characters almost never appear (especially apostrophes)
- missing spaces between words
Sometimes a post will be so messed up that I get page after page of garbage.
I've tested several feed readers, on Windows and Mac systems, and the problems appeared in all tests. The same material looks fine when viewed on the source page.
Assuming the answer is yes, how might the risk affect users?