Description
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore/swfstore.swf.
Remediation
References
Related Vulnerabilities
Perl Improper Input Validation Vulnerability (CVE-2016-2381)
WordPress Plugin Chained Quiz Cross-Site Scripting (0.9.9)
WordPress Other Vulnerability (CVE-2006-6808)
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6146)
OpenSSL Resource Management Errors Vulnerability (CVE-2015-1792)