In Yellowfin prior to 9.6.1 there is a Stored Cross-Site Scripting vulnerability in the video embed functionality exploitable through a specially crafted HTTP POST request to the page "ActivityStreamAjax.i4".
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yellowfinbi yellowfin |