[SECURITY] XSS in swfupload
authorOliver Hader <oliver@typo3.org>
Wed, 4 Jul 2012 08:30:40 +0000 (10:30 +0200)
committerOliver Hader <oliver.hader@typo3.org>
Wed, 4 Jul 2012 09:12:50 +0000 (11:12 +0200)
commitefb55f381356b3802ec5c3a22ab6c46943e2e7d5
tree9bdd4508ce485ba89e96af3e70c7c7b227f69356
parent3fbe1d24785efe829acf5ef42728d696e51885c8
[SECURITY] XSS in swfupload

There is a known XSS vulnerability in swfupload which isn't
fixed yet. Thanks to the Wordpress project for providing a
fix - we just borrowed that code.

Change-Id: Id4ca67f9cf57888a007ff6c9a2363830869eb8e6
Fixes: #38578
Releases: 6.0, 4.7, 4.6, 4.5
Security-Bulletin: TYPO3-CORE-SA-2012-003
Reviewed-on: http://review.typo3.org/12594
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/contrib/swfupload/swfupload.swf [changed mode: 0755->0644]