Full title: SWFUpload <= (Object Injection/CSRF) Vulnerabilities 
Category: web applications
Platform: multiple
SWFUpload all versions is suffer from Object (Image) Injection
& JavaScript Code injecton (XSRF/XSS) .
remote attacker can include a remote Images or exec some JS code.

# 0day.today @ http://0day.today/