Vulnerabilites related to happyworm - jplayer
CVE-2013-2023 (GCVE-0-2013-2023)
Vulnerability from cvelistv5
Published
2013-08-15 17:00
Modified
2024-08-06 15:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than CVE-2013-1942 and CVE-2013-2022.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.478Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/happyworm/jPlayer/commit/8ccc429598d62eebe9f65a0a4e6fd406a123c8b4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/happyworm/jPlayer/commit/c2417972af1295be8dcc07470b0e3d25b0a77e0b"
},
{
"name": "[oss-security] 20130505 Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
},
{
"name": "[oss-security] 20130627 Re: Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/06/27/7"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/happyworm/jPlayer/issues/162"
},
{
"name": "[oss-security] 20130411 CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.jplayer.org/latest/release-notes/"
},
{
"name": "[oss-security] 20130704 Re: Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/04/5"
},
{
"name": "20130421 Vulnerabilities in jPlayer",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/192"
},
{
"name": "[oss-security] 20130429 Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than CVE-2013-1942 and CVE-2013-2022."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-07-20T02:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/happyworm/jPlayer/commit/8ccc429598d62eebe9f65a0a4e6fd406a123c8b4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/happyworm/jPlayer/commit/c2417972af1295be8dcc07470b0e3d25b0a77e0b"
},
{
"name": "[oss-security] 20130505 Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
},
{
"name": "[oss-security] 20130627 Re: Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/06/27/7"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/happyworm/jPlayer/issues/162"
},
{
"name": "[oss-security] 20130411 CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.jplayer.org/latest/release-notes/"
},
{
"name": "[oss-security] 20130704 Re: Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/04/5"
},
{
"name": "20130421 Vulnerabilities in jPlayer",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/192"
},
{
"name": "[oss-security] 20130429 Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2023",
"datePublished": "2013-08-15T17:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:20:37.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1942 (GCVE-0-2013-1942)
Vulnerability from cvelistv5
Published
2013-08-15 17:00
Modified
2024-08-06 15:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id parameters, as demonstrated using document.write in the jQuery parameter, a different vulnerability than CVE-2013-2022 and CVE-2013-2023.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "59030",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59030"
},
{
"name": "[oss-security] 20130505 Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
},
{
"name": "[oss-security] 20130411 CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.jplayer.org/2.3.0/release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://owncloud.org/about/security/advisories/oC-SA-2013-014/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/happyworm/jPlayer/commit/e8ca190f7f972a6a421cb95f09e138720e40ed6d"
},
{
"name": "20130421 Vulnerabilities in jPlayer",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/192"
},
{
"name": "[oss-security] 20130429 Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id parameters, as demonstrated using document.write in the jQuery parameter, a different vulnerability than CVE-2013-2022 and CVE-2013-2023."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-06T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "59030",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/59030"
},
{
"name": "[oss-security] 20130505 Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
},
{
"name": "[oss-security] 20130411 CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.jplayer.org/2.3.0/release-notes/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://owncloud.org/about/security/advisories/oC-SA-2013-014/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/happyworm/jPlayer/commit/e8ca190f7f972a6a421cb95f09e138720e40ed6d"
},
{
"name": "20130421 Vulnerabilities in jPlayer",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/192"
},
{
"name": "[oss-security] 20130429 Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-1942",
"datePublished": "2013-08-15T17:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:20:37.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2022 (GCVE-0-2013-2022)
Vulnerability from cvelistv5
Published
2013-08-17 16:00
Modified
2024-08-06 15:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.23 allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id parameters, a different vulnerability than CVE-2013-1942 and CVE-2013-2023, as demonstrated by using the alert function in the jQuery parameter. NOTE: these are the same parameters as CVE-2013-1942, but the fix for CVE-2013-1942 uses a blacklist for the jQuery parameter.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/happyworm/jPlayer/commit/c5fe17bb4459164bd59153b57248cf94b8867373"
},
{
"name": "[oss-security] 20130505 Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
},
{
"name": "[oss-security] 20130627 Re: Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/06/27/7"
},
{
"name": "[oss-security] 20130411 CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.jplayer.org/2.3.0/release-notes/"
},
{
"name": "[oss-security] 20130704 Re: Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/04/5"
},
{
"name": "20130421 Vulnerabilities in jPlayer",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/192"
},
{
"name": "[oss-security] 20130429 Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.23 allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id parameters, a different vulnerability than CVE-2013-1942 and CVE-2013-2023, as demonstrated by using the alert function in the jQuery parameter. NOTE: these are the same parameters as CVE-2013-1942, but the fix for CVE-2013-1942 uses a blacklist for the jQuery parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-07-20T02:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/happyworm/jPlayer/commit/c5fe17bb4459164bd59153b57248cf94b8867373"
},
{
"name": "[oss-security] 20130505 Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
},
{
"name": "[oss-security] 20130627 Re: Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/06/27/7"
},
{
"name": "[oss-security] 20130411 CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.jplayer.org/2.3.0/release-notes/"
},
{
"name": "[oss-security] 20130704 Re: Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/04/5"
},
{
"name": "20130421 Vulnerabilities in jPlayer",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Apr/192"
},
{
"name": "[oss-security] 20130429 Re: CVE-2013-1942 jPlayer 2.2.19 XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2022",
"datePublished": "2013-08-17T16:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:20:37.343Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2013-08-15 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id parameters, as demonstrated using document.write in the jQuery parameter, a different vulnerability than CVE-2013-2022 and CVE-2013-2023.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:happyworm:jplayer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E8CE8FC-9F97-42D8-A285-A0396A4E27CE",
"versionEndIncluding": "2.2.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "0C05F0A8-2769-4583-A475-97712D557775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "1C3991D8-DD4A-4622-A0E8-C65F9D73A429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.3:beta:*:*:*:*:*:*",
"matchCriteriaId": "21F669D7-3D60-44BA-91F8-548C9903E1B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "A84C5A87-0430-46F6-A136-39B471A79200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.5:beta:*:*:*:*:*:*",
"matchCriteriaId": "671BBCBC-7347-4884-8CF0-79626756FCCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF21E522-89C8-49D6-8437-C54CEAE4B234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE1B6AA-052F-403D-B0E6-81505D085E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAACB377-B72E-4C3B-989D-8D33D47E449A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A619C177-6E97-42DC-A93F-1AB9FF62F4B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29AD3C20-0352-44A2-81C5-94D43683545C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2573E598-5171-4A4B-9054-7E52DD1C8118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB9929D6-1BDE-438B-82F5-EA3CC85FD675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4277499-5570-427E-AA92-39E622992F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5D662512-9A68-48C9-8362-913B432C67CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "154075A2-89E5-4104-A5A8-98F7C90B000F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9364A70E-06FA-4142-88D7-B5D50DC28025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "92A73773-E3E1-4E64-84F7-10A5AB52E8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1467D6-0988-4AC0-B56E-80BD9350088E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1F3549-1F8C-41AB-82BF-636531614594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AA58A0CE-0A37-4BD4-A727-7E2EB09668A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A54796-F789-4645-B82A-2466FDA010B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7C444A04-F6C4-45C2-9EDF-64D901003B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5ECCC879-B1D0-4994-B650-1516ECE44E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "3944BB3A-D84E-4536-BE69-0F5F5794271E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "D99BED98-6C3E-4088-98C6-3D07762261C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "DFFAB697-EE0D-4F59-9D99-E585F9F78414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "018D71A2-7E77-42D1-8349-07681AEF08C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "FEC30B1A-0D62-4A25-8269-CAF087FD65A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "0796C534-782E-4000-9CD1-678B918D1644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "59B1FBE8-DF84-4AC7-B4C4-A186354DB57A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6B210F-A45D-4C9F-9005-CCFC49CC01A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "490C6A01-F0AC-4E92-BE7F-A6579A587269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F18250-C5B8-4D30-8330-C07EB0A765EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "76023F77-7B30-4283-B07A-6C4C0E3382A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "0812334D-2679-4362-8EA3-C89E8786872C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "252DD6F7-8489-4387-8797-F6018456AD7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "7589B05C-E361-47CE-B5AB-70462348FC26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "0D031586-D974-4B98-87CA-9695547B0080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2B1723-6C40-4992-BAE6-FCDB1C9AB7BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "CBD668BB-C691-4A57-9E87-4AE2C2A9BC6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "D9431D12-58B7-4943-8E1C-80559BF83ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8733FE-C6FC-433F-91D5-A843486788B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "698CB307-8F9A-40DF-A992-1346FC36E8F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC42A34-54AD-4C9B-A664-3FE7E5D1C317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "4062AFBE-E501-447E-9C05-B7C07473D096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8467C8-9A25-45FF-8955-EDE06AA6ED50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B35B9F1E-8FB0-4B3F-9CCE-A1A058A13582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "63C62C17-DB82-4770-9C25-C5571C0CFD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B6617C-7C6A-4A1D-8D7F-4BFB16253396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08E970BC-1C31-4FB5-A848-A98CED0711D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3B790B03-4E29-4C20-86A6-FBED36647789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "04DF09ED-1209-4C0C-A589-99D4049DB0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF64FC2-CCB2-4709-81FB-6CFB1D6269C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA24DA7-D0F8-4478-97CA-3144C9E3E0C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "85DC9D2C-B237-4C5C-91BC-41A765F6EA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D662D8BD-7C84-405F-8958-D61268318144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B62E1BCC-14FC-42B1-B783-0314481C6D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0B9F733A-D5D5-453B-ACB7-45177BF44B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30195444-2815-4D11-96EC-E2F401D681A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7BFE4E-74B4-44B4-A64A-04311E8C1867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EBCB595B-0E1D-4FA8-95C0-2C7972056B3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4B8009A6-EDD4-4C00-A767-B72CC6E0F3D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC0C8AC-EAD3-4067-B8E8-A217A1A91DF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1E24FF8E-88D4-47F4-9144-D2FEA7F9D1CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BB102921-177A-4290-904C-8369F83DD0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF1864F-DC3B-4BBD-B809-C073C625DC76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "51C8FF95-B063-4777-8BE5-2E3FD2F41141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "DBDEBEA6-4299-4390-A40D-448EB5D6B410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0E000589-7D68-47D5-80E6-20189C48600C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "6B63C4ED-C675-4B02-AF70-899A2619BF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D52294B4-7963-44C9-B577-80F41AB9F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "7E5E7A83-6237-48E6-9E22-A2FAE00CF735",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7189069-5B67-4503-B7B4-942D47EB0473",
"versionEndIncluding": "5.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77DE37D0-74E5-4D66-8A2D-DA177936A4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0E5BB3-900E-4D95-B302-4120567B6155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1BB82C7-11E5-44E4-9029-76AE1F4AE937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "40348D52-10C6-4436-84DC-4B63271AF180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D77D4260-0D48-47EE-A09B-FC200CB36A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78FEEBC0-9483-4EBE-B6E4-5390144A36F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7DED1F21-0941-4E3C-BA04-15D1C3B685C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3A7951FE-9C41-4CCF-933F-56204147148B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8F36384F-ECB2-48F5-AB32-85AB643CD816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7DA03000-6D01-4CDA-8C83-C2AFC649B869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8206EE35-2939-44B4-BBCF-C384C6206122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E07400-C700-454C-B5EF-4992F2089BE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D068E80A-1504-4814-88BF-7A183F5A7CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3ACF1A42-0F83-4771-B097-CF497439C4D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "CF99DF50-3984-4F56-B2C8-4FA387627490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "577514EE-9CA3-49E5-AE8A-9776F3BD40CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "46AE5738-C00D-4B38-81E0-42BF1E71887A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "ED841F08-2438-454E-BBAE-44CD847A9B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "05FB3B17-3A52-48FE-AB21-29394B81973F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "AF75E2B4-60DE-473A-9469-B0D094A8730B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "BF9E0947-F927-4616-ADF8-1BA0A3E2664A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "56D46962-C2C4-4468-9DB0-15AFF4FE8032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8577131-CCE2-4B98-8763-8F99E267BD5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "79A6F6FF-7E31-4337-93E0-ED05D3D698D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C21E9F9A-5734-4819-8845-E82ADC29ABD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D57EBB84-E1B2-44F4-BD7B-8D4A79A2E2D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2E90708D-CA85-4034-ADA7-72522812CEF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2C4F18-4056-4ED3-B1E7-C945849FE97C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DE1FA818-0C13-4F41-9AF8-F31B035491F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F48864EB-2863-4C12-8F3B-DC90C29F6719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CACD6812-4C89-46C9-B483-96829102157F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4959B6D-08B3-4A88-A30D-AE2431085D3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F66AAE70-F567-42ED-8A8C-3F9BA995D83D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "53790E63-C1FB-497B-AF30-49B932E20FE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DE543ED7-C63A-47D0-8A37-D3DA94DCFCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D89BE316-CE49-49CB-85FB-B93C86E07276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD902884-4F28-4AF6-A8D7-A6CD15048B0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B18395A6-B385-4ADB-9278-5F59FF339F1F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id parameters, as demonstrated using document.write in the jQuery parameter, a different vulnerability than CVE-2013-2022 and CVE-2013-2023."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en actionscript/Jplayer.as en el componente Flash SWF (jplayer.swf) en jPlayer en versiones anteriores a 2.2.20, como se utiliza en ownCloud Server en versiones anteriores a 5.0.4 y otros productos, permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de los par\u00e1metros (1) jQuery o (2) id, como se demuestra usando document.write en el par\u00e1metro jQuery, una vulnerabilidad diferente a CVE-2013-2022 y CVE-2013-2023."
}
],
"id": "CVE-2013-1942",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-08-15T17:55:24.400",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://owncloud.org/about/security/advisories/oC-SA-2013-014/"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2013/Apr/192"
},
{
"source": "secalert@redhat.com",
"url": "http://www.jplayer.org/2.3.0/release-notes/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/59030"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/happyworm/jPlayer/commit/e8ca190f7f972a6a421cb95f09e138720e40ed6d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://owncloud.org/about/security/advisories/oC-SA-2013-014/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2013/Apr/192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.jplayer.org/2.3.0/release-notes/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/59030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/happyworm/jPlayer/commit/e8ca190f7f972a6a421cb95f09e138720e40ed6d"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-17 16:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.23 allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id parameters, a different vulnerability than CVE-2013-1942 and CVE-2013-2023, as demonstrated by using the alert function in the jQuery parameter. NOTE: these are the same parameters as CVE-2013-1942, but the fix for CVE-2013-1942 uses a blacklist for the jQuery parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:happyworm:jplayer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1D31F6-F095-4098-9D84-FDB7496CAD07",
"versionEndIncluding": "2.2.22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "0C05F0A8-2769-4583-A475-97712D557775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "1C3991D8-DD4A-4622-A0E8-C65F9D73A429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.3:beta:*:*:*:*:*:*",
"matchCriteriaId": "21F669D7-3D60-44BA-91F8-548C9903E1B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "A84C5A87-0430-46F6-A136-39B471A79200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.5:beta:*:*:*:*:*:*",
"matchCriteriaId": "671BBCBC-7347-4884-8CF0-79626756FCCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF21E522-89C8-49D6-8437-C54CEAE4B234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE1B6AA-052F-403D-B0E6-81505D085E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAACB377-B72E-4C3B-989D-8D33D47E449A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A619C177-6E97-42DC-A93F-1AB9FF62F4B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29AD3C20-0352-44A2-81C5-94D43683545C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2573E598-5171-4A4B-9054-7E52DD1C8118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB9929D6-1BDE-438B-82F5-EA3CC85FD675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4277499-5570-427E-AA92-39E622992F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5D662512-9A68-48C9-8362-913B432C67CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "154075A2-89E5-4104-A5A8-98F7C90B000F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9364A70E-06FA-4142-88D7-B5D50DC28025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "92A73773-E3E1-4E64-84F7-10A5AB52E8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1467D6-0988-4AC0-B56E-80BD9350088E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1F3549-1F8C-41AB-82BF-636531614594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AA58A0CE-0A37-4BD4-A727-7E2EB09668A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A54796-F789-4645-B82A-2466FDA010B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7C444A04-F6C4-45C2-9EDF-64D901003B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5ECCC879-B1D0-4994-B650-1516ECE44E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "3944BB3A-D84E-4536-BE69-0F5F5794271E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "D99BED98-6C3E-4088-98C6-3D07762261C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "DFFAB697-EE0D-4F59-9D99-E585F9F78414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "018D71A2-7E77-42D1-8349-07681AEF08C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "FEC30B1A-0D62-4A25-8269-CAF087FD65A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "0796C534-782E-4000-9CD1-678B918D1644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "59B1FBE8-DF84-4AC7-B4C4-A186354DB57A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6B210F-A45D-4C9F-9005-CCFC49CC01A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "490C6A01-F0AC-4E92-BE7F-A6579A587269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F18250-C5B8-4D30-8330-C07EB0A765EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "76023F77-7B30-4283-B07A-6C4C0E3382A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "0812334D-2679-4362-8EA3-C89E8786872C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "252DD6F7-8489-4387-8797-F6018456AD7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "7589B05C-E361-47CE-B5AB-70462348FC26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "0D031586-D974-4B98-87CA-9695547B0080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2B1723-6C40-4992-BAE6-FCDB1C9AB7BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "CBD668BB-C691-4A57-9E87-4AE2C2A9BC6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "D9431D12-58B7-4943-8E1C-80559BF83ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8733FE-C6FC-433F-91D5-A843486788B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "698CB307-8F9A-40DF-A992-1346FC36E8F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC42A34-54AD-4C9B-A664-3FE7E5D1C317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "4062AFBE-E501-447E-9C05-B7C07473D096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8467C8-9A25-45FF-8955-EDE06AA6ED50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B35B9F1E-8FB0-4B3F-9CCE-A1A058A13582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "63C62C17-DB82-4770-9C25-C5571C0CFD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B6617C-7C6A-4A1D-8D7F-4BFB16253396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08E970BC-1C31-4FB5-A848-A98CED0711D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3B790B03-4E29-4C20-86A6-FBED36647789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "04DF09ED-1209-4C0C-A589-99D4049DB0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF64FC2-CCB2-4709-81FB-6CFB1D6269C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA24DA7-D0F8-4478-97CA-3144C9E3E0C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "85DC9D2C-B237-4C5C-91BC-41A765F6EA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D662D8BD-7C84-405F-8958-D61268318144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1E24FF8E-88D4-47F4-9144-D2FEA7F9D1CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BB102921-177A-4290-904C-8369F83DD0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF1864F-DC3B-4BBD-B809-C073C625DC76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "51C8FF95-B063-4777-8BE5-2E3FD2F41141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "DBDEBEA6-4299-4390-A40D-448EB5D6B410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0E000589-7D68-47D5-80E6-20189C48600C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "6B63C4ED-C675-4B02-AF70-899A2619BF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D52294B4-7963-44C9-B577-80F41AB9F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "7E5E7A83-6237-48E6-9E22-A2FAE00CF735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1F0DB8-2DC8-4D74-80C8-858FAD12C169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "43D27F0E-5C23-4294-9A88-DB280A32B26E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "92E17A72-68E0-4731-A4FD-A91FB14A0D63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.23 allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id parameters, a different vulnerability than CVE-2013-1942 and CVE-2013-2023, as demonstrated by using the alert function in the jQuery parameter. NOTE: these are the same parameters as CVE-2013-1942, but the fix for CVE-2013-1942 uses a blacklist for the jQuery parameter."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de tipo cross-site scripting (XSS) en el archivo actionscript/Jplayer.as en el componente Flash SWF (jplayer.swf) en jPlayer anterior a versi\u00f3n 2.2.23, permite a los atacantes remotos inyectar script web o HTML arbitrario por medio del par\u00e1metro (1) jQuery o (2 ) id, una vulnerabilidad diferente de CVE-2013-1942 y CVE-2013-2023, como es demostrado mediante el uso de la funci\u00f3n alert en el par\u00e1metro jQuery. NOTA: estos son los mismos par\u00e1metros del CVE-2013-1942, pero la soluci\u00f3n para CVE-2013-1942 usa una lista negra para el par\u00e1metro jQuery."
}
],
"id": "CVE-2013-2022",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-08-17T16:55:06.300",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2013/Apr/192"
},
{
"source": "secalert@redhat.com",
"url": "http://www.jplayer.org/2.3.0/release-notes/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/06/27/7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/07/04/5"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/happyworm/jPlayer/commit/c5fe17bb4459164bd59153b57248cf94b8867373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2013/Apr/192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.jplayer.org/2.3.0/release-notes/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/06/27/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/07/04/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/happyworm/jPlayer/commit/c5fe17bb4459164bd59153b57248cf94b8867373"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-15 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than CVE-2013-1942 and CVE-2013-2022.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:happyworm:jplayer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5436CE-A80F-4885-A78B-074AE3C61403",
"versionEndIncluding": "2.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "0C05F0A8-2769-4583-A475-97712D557775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "1C3991D8-DD4A-4622-A0E8-C65F9D73A429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.3:beta:*:*:*:*:*:*",
"matchCriteriaId": "21F669D7-3D60-44BA-91F8-548C9903E1B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "A84C5A87-0430-46F6-A136-39B471A79200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.5:beta:*:*:*:*:*:*",
"matchCriteriaId": "671BBCBC-7347-4884-8CF0-79626756FCCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF21E522-89C8-49D6-8437-C54CEAE4B234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE1B6AA-052F-403D-B0E6-81505D085E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAACB377-B72E-4C3B-989D-8D33D47E449A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A619C177-6E97-42DC-A93F-1AB9FF62F4B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29AD3C20-0352-44A2-81C5-94D43683545C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2573E598-5171-4A4B-9054-7E52DD1C8118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB9929D6-1BDE-438B-82F5-EA3CC85FD675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4277499-5570-427E-AA92-39E622992F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5D662512-9A68-48C9-8362-913B432C67CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "154075A2-89E5-4104-A5A8-98F7C90B000F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9364A70E-06FA-4142-88D7-B5D50DC28025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "92A73773-E3E1-4E64-84F7-10A5AB52E8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1467D6-0988-4AC0-B56E-80BD9350088E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1F3549-1F8C-41AB-82BF-636531614594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AA58A0CE-0A37-4BD4-A727-7E2EB09668A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A54796-F789-4645-B82A-2466FDA010B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7C444A04-F6C4-45C2-9EDF-64D901003B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5ECCC879-B1D0-4994-B650-1516ECE44E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "3944BB3A-D84E-4536-BE69-0F5F5794271E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "D99BED98-6C3E-4088-98C6-3D07762261C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "DFFAB697-EE0D-4F59-9D99-E585F9F78414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "018D71A2-7E77-42D1-8349-07681AEF08C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "FEC30B1A-0D62-4A25-8269-CAF087FD65A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "0796C534-782E-4000-9CD1-678B918D1644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "59B1FBE8-DF84-4AC7-B4C4-A186354DB57A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6B210F-A45D-4C9F-9005-CCFC49CC01A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "490C6A01-F0AC-4E92-BE7F-A6579A587269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F18250-C5B8-4D30-8330-C07EB0A765EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "76023F77-7B30-4283-B07A-6C4C0E3382A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "0812334D-2679-4362-8EA3-C89E8786872C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "252DD6F7-8489-4387-8797-F6018456AD7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "7589B05C-E361-47CE-B5AB-70462348FC26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "0D031586-D974-4B98-87CA-9695547B0080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2B1723-6C40-4992-BAE6-FCDB1C9AB7BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "CBD668BB-C691-4A57-9E87-4AE2C2A9BC6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "D9431D12-58B7-4943-8E1C-80559BF83ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8733FE-C6FC-433F-91D5-A843486788B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "698CB307-8F9A-40DF-A992-1346FC36E8F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC42A34-54AD-4C9B-A664-3FE7E5D1C317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "4062AFBE-E501-447E-9C05-B7C07473D096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8467C8-9A25-45FF-8955-EDE06AA6ED50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B35B9F1E-8FB0-4B3F-9CCE-A1A058A13582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "63C62C17-DB82-4770-9C25-C5571C0CFD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B6617C-7C6A-4A1D-8D7F-4BFB16253396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08E970BC-1C31-4FB5-A848-A98CED0711D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3B790B03-4E29-4C20-86A6-FBED36647789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "04DF09ED-1209-4C0C-A589-99D4049DB0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF64FC2-CCB2-4709-81FB-6CFB1D6269C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA24DA7-D0F8-4478-97CA-3144C9E3E0C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "85DC9D2C-B237-4C5C-91BC-41A765F6EA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D662D8BD-7C84-405F-8958-D61268318144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B62E1BCC-14FC-42B1-B783-0314481C6D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0B9F733A-D5D5-453B-ACB7-45177BF44B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30195444-2815-4D11-96EC-E2F401D681A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7BFE4E-74B4-44B4-A64A-04311E8C1867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EBCB595B-0E1D-4FA8-95C0-2C7972056B3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4B8009A6-EDD4-4C00-A767-B72CC6E0F3D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC0C8AC-EAD3-4067-B8E8-A217A1A91DF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1E24FF8E-88D4-47F4-9144-D2FEA7F9D1CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BB102921-177A-4290-904C-8369F83DD0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF1864F-DC3B-4BBD-B809-C073C625DC76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "51C8FF95-B063-4777-8BE5-2E3FD2F41141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "DBDEBEA6-4299-4390-A40D-448EB5D6B410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0E000589-7D68-47D5-80E6-20189C48600C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "6B63C4ED-C675-4B02-AF70-899A2619BF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D52294B4-7963-44C9-B577-80F41AB9F70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "7E5E7A83-6237-48E6-9E22-A2FAE00CF735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1F0DB8-2DC8-4D74-80C8-858FAD12C169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "43D27F0E-5C23-4294-9A88-DB280A32B26E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "92E17A72-68E0-4731-A4FD-A91FB14A0D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "79AC6B63-EFC7-48A2-A391-06FE06436058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "19FB840F-41A7-49FF-9CE1-7F4BE77B2261",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "1C617756-1215-4BC3-A18C-52C8B2366345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "1B11463D-7F28-4251-A9D2-EC7FB7B4C713",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than CVE-2013-1942 and CVE-2013-2022."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo cross-site scripting (XSS) en el archivo actionscript/Jplayer.as en el componente Flash SWF (jplayer.swf) en jPlayer anterior a versi\u00f3n 2.3.1, permite a atacantes remotos inyectar script web o HTML por medio de vectores no especificados, posiblemente relacionados con listas negras incompletas, una vulnerabilidad diferente de CVE-2013-1942 y CVE-2013-2022."
}
],
"id": "CVE-2013-2023",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-08-15T17:55:24.447",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2013/Apr/192"
},
{
"source": "secalert@redhat.com",
"url": "http://www.jplayer.org/latest/release-notes/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/06/27/7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/07/04/5"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/happyworm/jPlayer/commit/8ccc429598d62eebe9f65a0a4e6fd406a123c8b4"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/happyworm/jPlayer/commit/c2417972af1295be8dcc07470b0e3d25b0a77e0b"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/happyworm/jPlayer/issues/162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2013/Apr/192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.jplayer.org/latest/release-notes/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/06/27/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/07/04/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/happyworm/jPlayer/commit/8ccc429598d62eebe9f65a0a4e6fd406a123c8b4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/happyworm/jPlayer/commit/c2417972af1295be8dcc07470b0e3d25b0a77e0b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/happyworm/jPlayer/issues/162"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}