Flash injection vulnerability on /IV/imgPlayer/imageEmbed.swf

In this report, the researcher identified a vulnerability in a Flash file that could be exploited with Open Redirect and XSS attacks. With their help we identified the root cause and we put out an update to the impacted page to cause attempted attacks to redirect to a 404 page, rather than succeed at exploitation. Please note that since this report was made, we have added all Flash-related issues to our Exclusions list; such reports are no longer eligible for bounties.