Dom based XSS issue found in swfobject.js file

[GoogleCodeExporter]

What steps will reproduce the problem?
We re using swfobject.js v2.2 file in our product. We have gone through
IBM app scan. It finds XSS issue in the swfobject.js file.
Here is the output from IBM app scan
Request: http://<ip>../swfobject.js
_d.write('<html><head><meta http-equiv="refresh"
content="0;url=' + _l.href.substr(0, _l.href.indexOf("#")) + '" 
/></head></html>');

What is the expected output? What do you see instead?
there shouldn't be any DOM based XSS.

What version of the product are you using? On what operating system?
v2.2

Please provide any additional information below.

Original issue reported on code.google.com by anuradha...@gmail.com on 8 Apr 2013 at 7:49

[GoogleCodeExporter]

In my application,when use some scan app,it says swfobject.js file has DOM 
based XSS,the problem code snippet：

var ad = M.ie && M.win ? "ActiveX" : "PlugIn",
                ac = "MMredirectURL=" + O.location.toString().replace(/&/g, "%26") + "&MMplayerType=" + ad + "&MMdoctitle=" + j.title;  

Original comment by ycyco...@gmail.com on 28 Apr 2014 at 1:43

[GoogleCodeExporter]

IBM Rational App Scan 8.5.0.1 also gives this:

Request/Response:
http://server_name/path/swfobject.js:
 4 : var ad = M.ie && M.win ? "ActiveX" : "PlugIn",
 4 : ab.flashvars = ac
 4 : u(aa, ab, X)
 4 : function u(ai, ag, Y) {
 4 : af += '<param name="' + ad + '" value="' + ag[ad] + '" />'
 4 : aa.outerHTML = '<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"' + ah + ">" + af + "</object>";

Original comment by vladi...@milovanovic.me on 26 Dec 2014 at 12:18