Description
Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via the allowedDomain parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Alpine PhotoTile for Instagram Cross-Site Scripting (1.2.7.4)
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.13)
Oracle JRE CVE-2013-1481 Vulnerability (CVE-2013-1481)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-9787)
phpMyAdmin Improper Input Validation Vulnerability (CVE-2011-1941)