Flash Parameter Injection
Variants:
Direct
Also Known As:
FPI, Flash Injection
Vector Type:
Attack
Relevance:
Technology Version Specific
Layer:
Application-Level
Platforms:
Adobe Flash Player
Target Type:
Web Application
Affected Mechanisms:
Input Validation, Syntax Escaping
Invented In:
24/09/2008
Added In:
21/12/2014
Quick Introduction to the Topic:
Vector Operation Method:
A cross site scripting attack performed via input affecting global flash variables, which cause the attacker controlled script to be presented in the context and permissions of a flash video.
