I found this thread on WP.org that says the swfupload behaviour is a non-threat.
https://wordpress.org/support/to…