Description
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to charts/assets/charts.swf.
Remediation
References
Related Vulnerabilities
MediaWiki CVE-2023-45362 Vulnerability (CVE-2023-45362)
Django Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-45116)
WordPress Plugin WP Table Builder-WordPress Table Cross-Site Scripting (1.4.6)
WordPress Plugin Contact Form Submissions Unspecified Vulnerability (1.2)
WordPress Plugin BulletProof Security Multiple Vulnerabilities (.51)