Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 up to and including 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote malicious users to inject arbitrary web script or HTML via vectors related to charts/assets/charts.swf.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yahoo yui 2.7.0 |
||
yahoo yui 2.8.0 |
||
yahoo yui 2.4.0 |
||
yahoo yui 2.8.1 |
||
yahoo yui 2.5.2 |
||
yahoo yui 2.6.0 |
||
yahoo yui 2.5.0 |
||
yahoo yui 2.5.1 |