PortSwigger Web Security: XSS in IE11 on portswigger.net via Flash
Hello Portswigger Security Team, There is a reflective XSS vulnerability in portswigger.net. The flash file https://portswigger.net/burp/tutorials/video-js/video-js.swf is from an old video.js library version 3.2.0 which is vulnerable to XSS. This XSS will be blocked by CSP instruction object-src...