Description
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader/assets/uploader.swf.
Remediation
References
Related Vulnerabilities
MySQL CVE-2013-5807 Vulnerability (CVE-2013-5807)
MySQL CVE-2021-2072 Vulnerability (CVE-2021-2072)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3617)
WordPress Plugin Import and export users and customers Directory Traversal (1.14.2)
WordPress Plugin Registrations for the Events Calendar-Event Registration SQL Injection (2.7.5)