Description
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader.swf, a similar issue to CVE-2010-4208.
Remediation
References
Related Vulnerabilities
Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2022-21655)
WordPress Plugin Posts in Page Local File Inclusion (1.2.4)
WordPress Plugin User Domain Whitelist Multiple Vulnerabilities (1.4)
WordPress Plugin Import all XML, CSV & TXT into WordPress Unspecified Vulnerability (3.7.2)