Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via the allowedDomain parameter.Referenceshttp://packetstormsecurity.com/files/130527/Cisco-Ironport-AsyncOS-Cross-Site-Scripting.htmlhttp://www.securitytracker.com/id/1029528http://openwall.com/lists/oss-security/2013/11/25/1https://yuilibrary.com/support/20131111-vulnerability/
