Yahoo

Yui

12 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2013-6780

Exploit
  • EPSS 1.08%
  • Published 13.11.2013 15:55:04
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via the allowedDomain parameter.

4.3

CVE-2013-4939

  • EPSS 0.31%
  • Published 29.07.2013 13:59:20
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility component in Yahoo! YUI 3.0.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other products, a...

4.3

CVE-2013-4940

  • EPSS 0.34%
  • Published 29.07.2013 13:59:20
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in io.swf in the IO Utility component in Yahoo! YUI 3.10.2, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other products, allows remote ...

4.3

CVE-2013-4941

  • EPSS 0.32%
  • Published 29.07.2013 13:59:20
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 3.2.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other product...

4.3

CVE-2013-4942

  • EPSS 0.32%
  • Published 29.07.2013 13:59:20
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in flashuploader.swf in the Uploader component in Yahoo! YUI 3.5.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other pr...

4.3

CVE-2012-5881

  • EPSS 0.37%
  • Published 16.11.2012 12:24:24
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to charts.swf, a similar issue to CVE-2010-4207.

4.3

CVE-2012-5882

  • EPSS 0.36%
  • Published 16.11.2012 12:24:24
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader.swf, a similar issue to CVE-2010-4208.

4.3

CVE-2012-5883

  • EPSS 0.61%
  • Published 16.11.2012 12:24:24
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.9.0, as used in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to i...

4.3

CVE-2010-4710

  • EPSS 0.23%
  • Published 28.01.2011 21:00:28
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the addItem method in the Menu widget in YUI before 2.9.0 allows remote attackers to inject arbitrary web script or HTML via a field that is added to a menu, related to documentation that specifies this fie...

4.3

CVE-2010-4207

  • EPSS 1.87%
  • Published 07.11.2010 22:00:03
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to charts/a...