A recent security scan in our organisation revealed that ac_oetags.js file included in Flex SDK 3.5B, dynamically generates vulnerable lines of script. As a result, it makes the application prone to DOM Based Cross-Site Scripting.
Flex SDK Version: 3.5B
Line Number: 162
CVSS Score: 7.5
Any suggestions/fixes for the vulnerability would be welcomed.