CVE-2013-6880 XSS in FlashCanvas Proxy.php
Advisory Information Title: FlashCanvas proxy.php XSS Vulnerability Date published: November 2013 Ref: CVE-2013-6880 Advisory Summary Script does not adequately verify the Referer header before requesting (via curl) the remote URL specified in the ‘url’ GET parameter and rendering it Vendor FlashCanvas.net <http://flashcanvas.net/> Affected Software FlashCanvas 1.5 and possibly older. FlashCanvas is also used in other software frameworks […]
Read More