What can be done about Flash allowing a URL parameter to point to an attacker's content?

Forum|Forum|10 years ago
March 31, 2016
1 reply
259 views

Our application uses Flash and one of the files allows a URL parameter to direct it to receive content. An attacker can exploit this by tricking a user into visiting a crafted URL making it look as though it’s our company’s content, but actually from the attacker.

Further attempts to exploit this, such as with cross-site flashing, failed as only content could be displayed, but no code was able to be executed.

This topic has been closed for replies.

kglad

Community Expert

why is that url saved and used by another user?

Remix with Firefly Community Gallery

Thousands of free creations to fall in love with and remix in Firefly.

Explore now

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded