Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-104459. PoCs published by MindCracker.
AI-analyzed exploit summary The exploit describes an XSF (Cross-Site Flashing) vulnerability in SWFupload where improper input validation allows loading arbitrary SWF files via the `buttonTextStyle` parameter. The PoC demonstrates how an attacker can exploit this to load malicious SWF content from an external domain.
Description
SWFupload 2.5.0 - Cross Frame Scripting (XFS)
Exploits (1)
The exploit describes an XSF (Cross-Site Flashing) vulnerability in SWFupload where improper input validation allows loading arbitrary SWF files via the `buttonTextStyle` parameter. The PoC demonstrates how an attacker can exploit this to load malicious SWF content from an external domain.