Lucene search

RedhatCVE-2013-2023

HistoryAug 15, 2013 - 5:55 p.m.

CVE-2013-2023

2013-08-1517:55:24

CWE-79

redhat

web.nvd.nist.gov

vulnerability

cross-site scripting

xss

jplayer

flash

swf

cve-2013-2023

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.011

Percentile

84.5%

JSON

Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than CVE-2013-1942 and CVE-2013-2022.

Affected configurations

Nvd

Node

happywormjplayerRange≤2.3.0

happywormjplayerMatch0.2.1beta

happywormjplayerMatch0.2.2beta

happywormjplayerMatch0.2.3beta

happywormjplayerMatch0.2.4beta

happywormjplayerMatch0.2.5beta

happywormjplayerMatch1.0.0

happywormjplayerMatch1.1.0

happywormjplayerMatch1.1.1

happywormjplayerMatch1.2.0

happywormjplayerMatch2.0.0

happywormjplayerMatch2.0.1

happywormjplayerMatch2.0.2

happywormjplayerMatch2.0.3

happywormjplayerMatch2.0.4

happywormjplayerMatch2.0.5

happywormjplayerMatch2.0.6

happywormjplayerMatch2.0.7

happywormjplayerMatch2.0.8

happywormjplayerMatch2.0.9

happywormjplayerMatch2.0.10

happywormjplayerMatch2.0.11

happywormjplayerMatch2.0.12

happywormjplayerMatch2.0.13

happywormjplayerMatch2.0.14

happywormjplayerMatch2.0.15

happywormjplayerMatch2.0.16

happywormjplayerMatch2.0.17

happywormjplayerMatch2.0.18

happywormjplayerMatch2.0.19

happywormjplayerMatch2.0.20

happywormjplayerMatch2.0.21

happywormjplayerMatch2.0.22

happywormjplayerMatch2.0.23

happywormjplayerMatch2.0.24

happywormjplayerMatch2.0.25

happywormjplayerMatch2.0.26

happywormjplayerMatch2.0.27

happywormjplayerMatch2.0.28

happywormjplayerMatch2.0.29

happywormjplayerMatch2.0.30

happywormjplayerMatch2.0.31

happywormjplayerMatch2.0.32

happywormjplayerMatch2.0.33

happywormjplayerMatch2.0.34

happywormjplayerMatch2.0.35

happywormjplayerMatch2.0.36

happywormjplayerMatch2.1.0

happywormjplayerMatch2.1.1

happywormjplayerMatch2.1.2

happywormjplayerMatch2.1.3

happywormjplayerMatch2.1.4

happywormjplayerMatch2.1.5

happywormjplayerMatch2.1.6

happywormjplayerMatch2.2.0

happywormjplayerMatch2.2.1

happywormjplayerMatch2.2.2

happywormjplayerMatch2.2.3

happywormjplayerMatch2.2.4

happywormjplayerMatch2.2.5

happywormjplayerMatch2.2.6

happywormjplayerMatch2.2.7

happywormjplayerMatch2.2.8

happywormjplayerMatch2.2.9

happywormjplayerMatch2.2.10

happywormjplayerMatch2.2.11

happywormjplayerMatch2.2.12

happywormjplayerMatch2.2.13

happywormjplayerMatch2.2.14

happywormjplayerMatch2.2.15

happywormjplayerMatch2.2.16

happywormjplayerMatch2.2.17

happywormjplayerMatch2.2.18

happywormjplayerMatch2.2.19

happywormjplayerMatch2.2.20

happywormjplayerMatch2.2.21

happywormjplayerMatch2.2.22

happywormjplayerMatch2.2.23

happywormjplayerMatch2.2.24

happywormjplayerMatch2.2.25

VendorProductVersionCPE
happywormjplayer*cpe:2.3:a:happyworm:jplayer:*:*:*:*:*:*:*:*
happywormjplayer0.2.1cpe:2.3:a:happyworm:jplayer:0.2.1:beta:*:*:*:*:*:*
happywormjplayer0.2.2cpe:2.3:a:happyworm:jplayer:0.2.2:beta:*:*:*:*:*:*
happywormjplayer0.2.3cpe:2.3:a:happyworm:jplayer:0.2.3:beta:*:*:*:*:*:*
happywormjplayer0.2.4cpe:2.3:a:happyworm:jplayer:0.2.4:beta:*:*:*:*:*:*
happywormjplayer0.2.5cpe:2.3:a:happyworm:jplayer:0.2.5:beta:*:*:*:*:*:*
happywormjplayer1.0.0cpe:2.3:a:happyworm:jplayer:1.0.0:*:*:*:*:*:*:*
happywormjplayer1.1.0cpe:2.3:a:happyworm:jplayer:1.1.0:*:*:*:*:*:*:*
happywormjplayer1.1.1cpe:2.3:a:happyworm:jplayer:1.1.1:*:*:*:*:*:*:*
happywormjplayer1.2.0cpe:2.3:a:happyworm:jplayer:1.2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
happyworm	jplayer	*	cpe:2.3:a:happyworm:jplayer::::::::
happyworm	jplayer	0.2.1	cpe:2.3:a:happyworm:jplayer:0.2.1:beta::::::
happyworm	jplayer	0.2.2	cpe:2.3:a:happyworm:jplayer:0.2.2:beta::::::
happyworm	jplayer	0.2.3	cpe:2.3:a:happyworm:jplayer:0.2.3:beta::::::
happyworm	jplayer	0.2.4	cpe:2.3:a:happyworm:jplayer:0.2.4:beta::::::
happyworm	jplayer	0.2.5	cpe:2.3:a:happyworm:jplayer:0.2.5:beta::::::
happyworm	jplayer	1.0.0	cpe:2.3:a:happyworm:jplayer:1.0.0:::::::*
happyworm	jplayer	1.1.0	cpe:2.3:a:happyworm:jplayer:1.1.0:::::::*
happyworm	jplayer	1.1.1	cpe:2.3:a:happyworm:jplayer:1.1.1:::::::*
happyworm	jplayer	1.2.0	cpe:2.3:a:happyworm:jplayer:1.2.0:::::::*