CVE-2010-4209 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-4209 Interim 1 5 2023-12-09T01:53:41Z current 2021-05-30T12:54:45Z 2023-12-09T01:53:41Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-4209 Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore/swfstore.swf. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3ZTRULIPYDRQXPUIKDX3WYJAEOPZ2F6W/#3ZTRULIPYDRQXPUIKDX3WYJAEOPZ2F6W E-Mail link for SUSE-SR:2010:021 https://www.suse.com/support/security/rating/ SUSE Security Ratings Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore/swfstore.swf. CVE-2010-4209 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N