Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 2.5.0 up to and including 2.9.0 allows remote malicious users to inject arbitrary web script or HTML via the allowedDomain parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yahoo yui 2.5.0 |
||
yahoo yui 2.5.1 |
||
yahoo yui 2.8.2 |
||
yahoo yui 2.9.0 |
||
yahoo yui 2.6.0 |
||
yahoo yui 2.8.0 |
||
yahoo yui 2.5.2 |
||
yahoo yui 2.7.0 |
||
yahoo yui 2.8.1 |