5.5 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.6%
Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via the allowedDomain parameter.