Description

The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."

Remediation

References

CVE-2015-8760

Related Vulnerabilities

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.23)

WordPress Plugin WordPress Calls to Action Unspecified Vulnerability (2.3.1)

WordPress Plugin GD Star Rating 'votes' Parameter SQL Injection (1.9.8)

WordPress Plugin CMS Tree Page View Cross-Site Scripting (1.2.31)

MySQL Other Vulnerability (CVE-2010-3680)

Severity

Medium

Classification

CVE-2015-8760 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities