Lucene search
HistoryMar 24, 2014 - 2:20 p.m.
CVE-2013-7342
xss
cve-2013-7342
flowplayer
html5
flash
vulnerability
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.6%
Cross-site scripting (XSS) vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.1 allows remote attackers to inject arbitrary web script or HTML via the callback parameter, a related issue to CVE-2013-7341.
Affected configurations
Node
flowplayerflowplayer_html5Match5.4.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| flowplayer:flowplayer_html5 | flowplayer flowplayer html5 | eq | 5.4.1 |
Related
nvd
nvd
ubuntucve
ubuntucve
prion
prion
Cross site scripting
2014-03-24 14:20:00
Cross site scripting
2014-03-24 14:20:00
Cross site scripting
2014-03-24 14:20:00
cvelist
cvelist
osv
osv
Moodle cross-site scripting (XSS) vulnerabilities
2022-05-13 01:12:49
cve
cve
CVE-2013-7341
2014-03-24 14:20:39
CVE-2013-7343
2014-03-24 14:20:39
github
github
Moodle cross-site scripting (XSS) vulnerabilities
2022-05-13 01:12:49
veracode
veracode
Cross-Site Scripting (XSS)
2018-11-16 08:04:15
Cross-Site Scripting (XSS)
2018-11-16 08:10:11
friendsofphp
friendsofphp
Cross-Site Scripting in 3rd party library Flowplayer
2015-07-01 14:20:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0160)
2022-01-28 00:00:00
mageia
mageia
Updated moodle packages fix multiple security vulnerabilities
2014-04-03 21:23:49
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.6%
Related for CVE-2013-7342