Adobe has patched a security flaw in its Flex SDK product that could lead to cross-site scripting attacks against some applications that were built using the SDK. The vulnerability affects versions 3.6 and below and 4.5.1 and below. The Flex SDK is a free, open source application framework that Adobe produces to enable developers to write apps across a variety of devices and platforms. Adobe recommends that Flex users update their vulnerable versions of the framework as soon as possible and then go through the process of determining whether any apps built with those Flex releases are vulnerable.
Source: https://threatpost.com/adobe-fixes-flaw-flex-sdk-framework-120111/75945/