A security researcher has identified more than 8 million Adobe Flash files
that make the websites hosting them vulnerable to attacks that target visitors
with malicious code.
The Flash files are contained on a wide variety of sites operated by online
casinos, news organizations, banks, and professional sports teams. They make the
pages where they reside susceptible to XSS, or cross-site scripting, attacks
that have the potential to inject malicious code and content into a visitor’s
browser and in some cases steal credentials used to authenticate user accounts.