#StackBounty: #xss #appsec #vulnerability #cve #flash What are the latest same-origin bypasses in Flash Player about?

Bounty: 50

Looking for an example of such vulnerability in ActionScript 3, I quickly found:

  • cve‑2014‑0580
  • cve‑2014‑0531
  • cve‑2014‑0533
  • cve‑2016‑7890
  • cve‑2015‑7628

In each case I was unable to gather further details other than how a universal cross-site scripting works.

I’m especially interested in cve‑2017‑3085, since I’m looking about redirect issues.


Get this bounty!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.