Description
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader.swf, a similar issue to CVE-2010-4208.
Remediation
References
Related Vulnerabilities
WordPress Plugin NextGEN Pro Cross-Site Scripting (3.1.9)
WordPress 3.8.3 Multiple Vulnerabilities (3.8 - 3.8.3)
XWiki Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-29520)
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1611)
PHP Improper Encoding or Escaping of Output Vulnerability (CVE-2024-5585)