Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field.Referenceshttp://www.macromedia.com/support/flash/ts/documents/clicktag_security.htmhttp://lists.grok.org.uk/pipermail/full-disclosure/2003-April/004514.htmlhttp://www.securiteam.com/securitynews/5XP0B0U9PE.htmlhttp://marc.info/?l=bugtraq&m=105033712615013&w=2
