Cross-site Flashing

typo3/cms is vulnerable to Cross-site Flashing. The vulnerability is due to missing validation of flash and image files, allowing the embedding of flash videos from external domains...

Open Redirect

Overview typo3/cms is a free open source Content Management Framework. Affected versions of this package are vulnerable to Open Redirect via unspecified vectors. An attacker can embed Flash videos from external domains by exploiting the Flvplayer component. Remediation Upgrade typo3/cms to versio...

TYPO3 allows remote attackers to embed Flash videos from external domain

The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."...

Cross site scripting

The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."...

CVE-2015-8760

The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."...

CVE-2015-8760

The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."...

SA-CONTRIB-2015-059 - Spider Video Player - Multiple vulnerabilities - Unsupported

Spider Video Player module enables you to add HTML5 and Flash videos to your site. The module doesn't sufficiently check user input when deleting files. A malicious user could delete arbitrary files by making a request to a specially-crafted URL. This vulnerability is mitigated by the fact that t...

openSUSE Security Update : chromium / v8 (openSUSE-SU-2012:0466-1)

Update to 19.0.1079 Security Fixes bnc754456 : - High CVE-2011-3050: Use-after-free with first-letter handling - High CVE-2011-3045: libpng integer issue from upstream - High CVE-2011-3051: Use-after-free in CSS cross-fade handling - High CVE-2011-3052: Memory corruption in WebGL canvas handling...

SuSE Update for update openSUSE-SU-2012:0466-1 (update)

Check for the Version of update OpenVAS Vulnerability Test $Id: gbsuse201204661.nasl 8257 2017-12-29 06:29:46Z teissa $ SuSE Update for update openSUSE-SU-2012:0466-1 update Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program ...

update for chromium, v8 (important)

Update to 19.0.1079 Security Fixes bnc754456: High CVE-2011-3050: Use-after-free with first-letter handling High CVE-2011-3045: libpng integer issue from upstream High CVE-2011-3051: Use-after-free in CSS cross-fade handling High CVE-2011-3052: Memory corruption in WebGL canvas handling High...

XMB Forum 1.9.5-Final XSS

XMB Forum 1.9.5 I have not tested this on earlier versions allows users to embed flash .swf videos in their posts. Normally, you could set an option on the object tag to say that ActionScript cannot run, but in this case we don't. The way we execute our code is by making a flash movie containing...