Description
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore/swfstore.swf.
Remediation
References
Related Vulnerabilities
WordPress Plugin Simple Download Monitor Multiple Cross-Site Scripting Vulnerabilities (3.9.4)
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1453)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2199)
WordPress Plugin Appointment Booking Calendar SQL Injection (1.1.23)
WordPress Plugin leads5050-visitor-insights Security Bypass (1.0.5)