Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 up to and including 2.9.0 allows remote malicious users to inject arbitrary web script or HTML via vectors related to uploader.swf, a similar issue to CVE-2010-4208.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yahoo yui 2.7.0 |
||
yahoo yui 2.8.0 |
||
yahoo yui 2.5.2 |
||
yahoo yui 2.6.0 |
||
yahoo yui 2.9.0 |
||
yahoo yui 2.4.0 |
||
yahoo yui 2.4.1 |
||
yahoo yui 2.8.1 |
||
yahoo yui 2.5.0 |
||
yahoo yui 2.5.1 |
||
yahoo yui 2.8.2 |