Lucene search
Adam BixbyEDB-ID:33180HistoryAug 19, 2009 - 12:00 a.m.
Adobe Flex SDK 3.x - 'index.template.html' Cross-Site Scripting
2009-08-1900:00:00
Adam Bixby
www.exploit-db.com
14
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/36087/info
Adobe Flex SDK is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to express-install template files.
An attacker could exploit this vulnerability to execute arbitrary script code in the context of a web application built using the SDK. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Versions prior to Flex SDK 3.4 are vulnerable.
http://www.example.com/Flex/index.template.html?"/></object><script>alert('XSS')</script> Related
prion
prion
Cross site scripting
2009-08-21 17:30:00
seebug
seebug
Adobe Flex开发包index.template.html页面跨站脚本漏洞
2009-08-21 00:00:00
cve
cve
CVE-2009-1879
2009-08-21 17:30:00
checkpoint_advisories
checkpoint_advisories
Adobe Flex SDK Cross-Site Scripting (APSB09-13; CVE-2009-1879)
2009-09-14 00:00:00
openvas
openvas
Adobe Flex SDK Cross-Site Scripting Vulnerability - Windows
2009-08-27 00:00:00
Adobe Flex SDK Cross-Site Scripting Vulnerability (Windows)
2009-08-27 00:00:00
cvelist
cvelist
CVE-2009-1879
2009-08-21 17:00:00
nvd
nvd
CVE-2009-1879
2009-08-21 17:30:00