CVE-2016-9263

CVE-2016-9263

WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection (XSF) attacks by leveraging code contained within the wp-includes/js/mediaelement/flashmediaelement.swf file.

Source: CVE-2016-9263

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다