MD Anonymous almost 18 years ago [hidden] I hope you are aware that SWF files are a wide-open XSS vector, and don't put anything important in cookies here? This file could just as easily steal everyone's cookies. 0 Reply Copy ID Copy Link
MD Anonymous almost 18 years ago [hidden] Actually, it seems that adding allowScriptAccess="never" to the embed tag closes this particular hole. You probably want to do that. 0 Reply Copy ID Copy Link