[SECURITY] XSS in swfupload
authorOliver Hader <oliver@typo3.org>
Wed, 4 Jul 2012 08:30:40 +0000 (10:30 +0200)
committerOliver Hader <oliver.hader@typo3.org>
Wed, 4 Jul 2012 09:12:15 +0000 (11:12 +0200)
commit4356de409700a9b55f7afa1cdac07938945a76e9
treec40340ba005a5a356ef3fdfb9ef1af534b4a95c1
parentd5cb5fbc4535d4959795180a446b29d1d11be5a7
[SECURITY] XSS in swfupload

There is a known XSS vulnerability in swfupload which isn't
fixed yet. Thanks to the Wordpress project for providing a
fix - we just borrowed that code.

Change-Id: I67a669d1a9898ae52d1430ccb5e455041ea1c733
Fixes: #38578
Releases: 6.0, 4.7, 4.6, 4.5
Security-Bulletin: TYPO3-CORE-SA-2012-003
Reviewed-on: http://review.typo3.org/12591
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/contrib/swfupload/swfupload.swf [changed mode: 0755->0644]