Description
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader.swf, a similar issue to CVE-2010-4208.
Remediation
References
Related Vulnerabilities
IBM RTC CVE-2017-1191 Vulnerability (CVE-2017-1191)
WordPress Plugin Multi Feed Reader SQL Injection (2.2.3)
WordPress Plugin NS Utilities Unspecified Vulnerability (1.0)
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.27)
WordPress Plugin Import any XML or CSV File to WordPress Pro Arbitrary File Upload (4.1.0)