The host is missing a security update according to Adobe advisory, APSB16-46. The update is required to fix a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle user-supplied input. Successful exploitation allows attackers to execute arbitrary code.