CVE-2025-1269

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in HAVELSAN Liman MYS allows Cross-Site Flashing. This issue affects Liman MYS: before 2.1.1 - 1010...

EUVD-2015-8633

Malware in sbrugna...

EUVD-2025-4799

Malicious code in bioql PyPI...

CVE-2015-8760

The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."...

CVE-2025-1269

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in HAVELSAN Liman MYS allows Cross-Site Flashing. This issue affects Liman MYS: before 2.1.1 - 1010...

CVE-2025-1269

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in HAVELSAN Liman MYS allows Cross-Site Flashing. This issue affects Liman MYS: before 2.1.1 - 1010...

CVE-2025-1269

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in HAVELSAN Liman MYS allows Cross-Site Flashing.This issue affects Liman MYS: before 2.1.1 - 1010...

CVE-2025-1269

CVE-2025-1269 describes a URL Redirection to Untrusted Site vulnerability (Open Redirect) in HAVELSAN Liman MYS. According to connected sources, the issue affects Liman MYS versions prior to 2.1.1 - 1010 and enables Cross‑Site Flashing through improper URL redirection. The root cause is a URL inp...

CVE-2025-1269 Open Redirect in HAVELSAN's Open Source Project Liman MYS

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in HAVELSAN Liman MYS allows Cross-Site Flashing. This issue affects Liman MYS: before 2.1.1 - 1010...

PT-2025-6870

Name of the Vulnerable Software and Affected Versions: HAVELSAN Liman MYS versions prior to 2.1.1 - 1010 Description: The issue affects HAVELSAN Liman MYS, allowing Cross-Site Flashing due to a URL Redirection to Untrusted Site 'Open Redirect' vulnerability. Recommendations: For versions prior to...

Cross-site Flashing

typo3/cms is vulnerable to Cross-site Flashing. The vulnerability is due to missing validation of flash and image files, allowing the embedding of flash videos from external domains...

GHSA-QRXH-46MR-PR7Q TYPO3 is susceptible to Cross-Site Flashing

The flashplayer misses to validate flash and image files. Therefore it is possible to embed flash videos from external domains...

TYPO3 is susceptible to Cross-Site Flashing

The flashplayer misses to validate flash and image files. Therefore it is possible to embed flash videos from external domains...

GHSA-3F58-74QW-PH75 TYPO3 allows remote attackers to embed Flash videos from external domain

The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."...

TYPO3 allows remote attackers to embed Flash videos from external domain

The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."...

RSA Authentication Manager 8.2.1.4.0-build1394922 / < 8.3 P1 - XML External Entity Injection / Cr

Exploit for java platform in category web applications SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & XSS vulnerabilities product: RSA Authentication Manager vulnerable version: 8.2.1.4.0-build1394922, 8.3 P1...

RSA Authentication Manager 8.2.1.4.0-build1394922 8.3 P1 - XML External Entity Injection Cross-Site Flashing DOM Cross-Site Scripting

RSA Authentication Manager 8.2.1.4.0-build1394922 8.3 P1 - XML External Entity Injection Cross-Site Flashing DOM Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & XSS vulnerabilities product: R...

RSA Authentication Manager 8.2.1.4.0-build1394922 / &lt; 8.3 P1 - XML External Entity Injection / Cross-Site Flashing / DOM Cross-Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & XSS vulnerabilities product: RSA Authentication Manager vulnerable version: 8.2.1.4.0-build1394922, 8.3 P1 fixed version: 8.3 P1 and later CVE number: CVE-2018-1247...

Automattic: Wordpress.com REST API oauth bypass via Cross Site Flashing

Hello Automattic Security Team, There is a vulnerability in https://public-api.wordpress.com/crossdomain.xml. This file allows .yahoo.com and .yimg.com to perform cross domain requests to https://public-api.wordpress.com. However, these domains are vulnerable to Cross-Site flashing. An attacker c...

Mail.ru: Same origin policy bypass on e.mail.ru via Cross-Site Flashing

Hello Mail.Ru Security Team, There is a Cross-Site Flashing vulnerability in e.mail.ru. this vulnerability is similar to XSS except it is Flash script execution. Ref : https://www.owasp.org/index.php/TestingforCrosssiteflashingOTG-CLIENT-008 This allow an attacker to execute requests to the...