Test Methods ( Detailed Overview )

Here is a list of every test performed by Web Scan Service.

InfoSoft FusionCharts/PowerCharts Possible Remote SWF Inclusion

Remediation Task

Check server configuration

WASC Classification

Information Disclosure: Information Leakage

Affected Products

This issue may affect different types of products

Technical Description

Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by InfoSoft FusionCharts/Powercharts allows remote attackers to inject arbitrary additional SWF content via a URL in the SRC attribute of an IMG element in the dataURL parameter.

Fix Recommendation

Verify the web application and server configuration.