You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What steps will reproduce the problem?
We re using swfobject.js v2.2 file in our product. We have gone through
IBM app scan. It finds XSS issue in the swfobject.js file.
Here is the output from IBM app scan
Request: http://<ip>../swfobject.js
_d.write('<html><head><meta http-equiv="refresh"
content="0;url=' + _l.href.substr(0, _l.href.indexOf("#")) + '"
/></head></html>');
What is the expected output? What do you see instead?
there shouldn't be any DOM based XSS.
What version of the product are you using? On what operating system?
v2.2
Please provide any additional information below.
Original issue reported on code.google.com by [email protected] on 8 Apr 2013 at 7:49
The text was updated successfully, but these errors were encountered:
Original issue reported on code.google.com by
[email protected]on 8 Apr 2013 at 7:49The text was updated successfully, but these errors were encountered: