Persistent XSS through Flash SWF file attachment download

2012-05-21T07:54:40
ID ATLASSIAN:CONFCLOUD-25544
Type atlassian
Reporter dblack
Modified 2017-04-02T08:00:39

Description

It is possible to upload a Flash SWF file as an attachment. When the attachment's 'download' URL is visited, the SWF file is executed in the browser and can use the ExternalInterface.call() method to inject JavaScript defined in the SWF file into the browser.
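A defender-side check for the behaviour described above, as an added example that is not part of the original report and not Atlassian's fix: it builds response headers that force a real download and audits a captured download response for SWF content the browser would render. The function names, finding labels and sample bytes are assumptions constructed for illustration.

```python
from urllib.parse import quote

# SWF files start with one of these signatures (uncompressed, zlib, LZMA).
SWF_MAGIC = (b"FWS", b"CWS", b"ZWS")

# Constructed sample: a SWF-style header followed by padding, not a real movie.
SAMPLE_SWF = b"CWS\x0a\x20\x00\x00\x00" + b"\x00" * 8


def is_swf(body: bytes) -> bool:
    """Identify SWF by content, ignoring the file name and declared type."""
    return body[:3] in SWF_MAGIC


def hardened_headers(filename: str) -> dict:
    """Headers that make the browser save the attachment instead of rendering it."""
    safe = quote(filename.replace("/", "_").replace("\\", "_"), safe="")
    return {
        "Content-Type": "application/octet-stream",
        "Content-Disposition": f"attachment; filename*=UTF-8''{safe}",
        "X-Content-Type-Options": "nosniff",
    }


def audit_download(headers: dict, body: bytes) -> list:
    """Return findings for a download response (hypothetical labels)."""
    h = {k.lower(): v.lower() for k, v in headers.items()}
    forced = h.get("content-disposition", "").startswith("attachment")
    findings = []
    if not forced:
        findings.append("inline-disposition")
    if h.get("x-content-type-options") != "nosniff":
        findings.append("missing-nosniff")
    if is_swf(body) and not forced:
        # SWF served inline runs in the application's origin.
        findings.append("swf-rendered-in-origin")
    return findings


if __name__ == "__main__":
    weak = {"Content-Type": "application/x-shockwave-flash"}
    print(audit_download(weak, SAMPLE_SWF))
    print(audit_download(hardened_headers("demo.swf"), SAMPLE_SWF))
```
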