Happyworm jPlayer 2.2.22

CPE Details

Happyworm jPlayer 2.2.22
happyworm
jplayer
2.2.22
2013-08-16
12h34 +00:00
2013-08-19
16h51 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:happyworm:jplayer:2.2.22:*:*:*:*:*:*:*

Informations

Vendor

happyworm

Product

jplayer

Version

2.2.22

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2013-2022 2013-08-17 14h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.23 allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id parameters, a different vulnerability than CVE-2013-1942 and CVE-2013-2023, as demonstrated by using the alert function in the jQuery parameter. NOTE: these are the same parameters as CVE-2013-1942, but the fix for CVE-2013-1942 uses a blacklist for the jQuery parameter.
4.3
CVE-2013-2023 2013-08-15 15h00 +00:00 Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than CVE-2013-1942 and CVE-2013-2022.
4.3