This pattern has been deprecated as it is covered by a chaining relationship between CAPEC-174: Flash Parameter Injection and CAPEC-591: Stored XSS. Please refer to these CAPECs going forward.
CAPEC 246 DEPRECATED: XSS Using Flash
Deprecated
Detailed
Unknown Risk