Description
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore/swfstore.swf.
Remediation
References
Related Vulnerabilities
Oracle Application Server CVE-2009-0993 Vulnerability (CVE-2009-0993)
Oracle Application Server CVE-2006-3712 Vulnerability (CVE-2006-3712)
MySQL CVE-2014-6530 Vulnerability (CVE-2014-6530)
PostgreSQL Cryptographic Issues Vulnerability (CVE-2011-2483)
WordPress Plugin Awesome Filterable Portfolio Multiple SQL Injection Vulnerabilities (1.8.6)