The host is installed with Adobe Flash Player before 11.2.202.521 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which do not properly restrict the SWF file format. Successful exploitation could allow attackers to conduct cross-site request forgery (CSRF) attacks against JSONP endpoints, and obtain sensitive information.