Vulnerabilities related to mediaelementjs - mediaelement.js
cve-2016-4567
Vulnerability from cvelistv5
Published
2016-05-22 01:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."
References
URL | Tags | |
---|---|---|
https://github.com/johndyer/mediaelement/blob/master/changelog.md | x_refsource_CONFIRM | |
http://www.openwall.com/lists/oss-security/2016/05/07/2 | mailing-list, x_refsource_MLIST | |
https://codex.wordpress.org/Version_4.5.2 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1035818 | vdb-entry, x_refsource_SECTRACK | |
https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c | x_refsource_MISC | |
https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e | x_refsource_CONFIRM | |
https://wpvulndb.com/vulnerabilities/8488 | x_refsource_MISC | |
https://wordpress.org/news/2016/05/wordpress-4-5-2/ | x_refsource_CONFIRM | |
https://core.trac.wordpress.org/changeset/37371 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:32:26.013Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/johndyer/mediaelement/blob/master/changelog.md" }, { "name": "[oss-security] 20160507 CVE Request: wordpress and mediaelement", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2016/05/07/2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://codex.wordpress.org/Version_4.5.2" }, { "name": "1035818", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035818" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://wpvulndb.com/vulnerabilities/8488" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://wordpress.org/news/2016/05/wordpress-4-5-2/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://core.trac.wordpress.org/changeset/37371" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-05-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by \"jsinitfunctio%gn.\"" } ], "problemTypes": [ { "descriptions": [ { "description": 
"n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-29T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/johndyer/mediaelement/blob/master/changelog.md" }, { "name": "[oss-security] 20160507 CVE Request: wordpress and mediaelement", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2016/05/07/2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://codex.wordpress.org/Version_4.5.2" }, { "name": "1035818", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035818" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e" }, { "tags": [ "x_refsource_MISC" ], "url": "https://wpvulndb.com/vulnerabilities/8488" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://wordpress.org/news/2016/05/wordpress-4-5-2/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://core.trac.wordpress.org/changeset/37371" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-4567", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by 
\"jsinitfunctio%gn.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/johndyer/mediaelement/blob/master/changelog.md", "refsource": "CONFIRM", "url": "https://github.com/johndyer/mediaelement/blob/master/changelog.md" }, { "name": "[oss-security] 20160507 CVE Request: wordpress and mediaelement", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/05/07/2" }, { "name": "https://codex.wordpress.org/Version_4.5.2", "refsource": "CONFIRM", "url": "https://codex.wordpress.org/Version_4.5.2" }, { "name": "1035818", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035818" }, { "name": "https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c", "refsource": "MISC", "url": "https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c" }, { "name": "https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e", "refsource": "CONFIRM", "url": "https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e" }, { "name": "https://wpvulndb.com/vulnerabilities/8488", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/8488" }, { "name": "https://wordpress.org/news/2016/05/wordpress-4-5-2/", "refsource": "CONFIRM", "url": "https://wordpress.org/news/2016/05/wordpress-4-5-2/" }, { "name": "https://core.trac.wordpress.org/changeset/37371", "refsource": "CONFIRM", "url": "https://core.trac.wordpress.org/changeset/37371" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-4567", "datePublished": "2016-05-22T01:00:00", "dateReserved": "2016-05-07T00:00:00", "dateUpdated": "2024-08-06T00:32:26.013Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2013-1967
Vulnerability from cvelistv5
Published
2014-02-05 15:00
Modified
2024-08-06 15:20
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to inject arbitrary web script or HTML via the file parameter.
References
URL | Tags | |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/83647 | vdb-entry, x_refsource_XF | |
https://github.com/johndyer/mediaelement/commit/9223dc6bfc50251a9a3cba0210e71be80fc38ecd | x_refsource_CONFIRM | |
https://bugzilla.redhat.com/show_bug.cgi?id=955307 | x_refsource_CONFIRM | |
http://seclists.org/oss-sec/2013/q2/111 | mailing-list, x_refsource_MLIST | |
http://secunia.com/advisories/53079 | third-party-advisory, x_refsource_SECUNIA | |
http://owncloud.org/about/security/advisories/oC-SA-2013-017 | x_refsource_CONFIRM | |
http://seclists.org/oss-sec/2013/q2/133 | mailing-list, x_refsource_MLIST | |
https://github.com/johndyer/mediaelement/tree/2.11.1 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T15:20:37.506Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "mediaelementjs-flashmediaelement-xss(83647)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83647" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/johndyer/mediaelement/commit/9223dc6bfc50251a9a3cba0210e71be80fc38ecd" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=955307" }, { "name": "[oss-security] 20130417 Fwd: Re: CVE Request: ownCloud 5.0.5 and 4.5.10", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://seclists.org/oss-sec/2013/q2/111" }, { "name": "53079", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/53079" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-017" }, { "name": "[oss-security] 20130421 ownCloud Security Advisories (2013-017, 2013-018)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://seclists.org/oss-sec/2013/q2/133" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/johndyer/mediaelement/tree/2.11.1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-04-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to inject arbitrary web script or HTML via the file parameter." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "mediaelementjs-flashmediaelement-xss(83647)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83647" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/johndyer/mediaelement/commit/9223dc6bfc50251a9a3cba0210e71be80fc38ecd" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=955307" }, { "name": "[oss-security] 20130417 Fwd: Re: CVE Request: ownCloud 5.0.5 and 4.5.10", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://seclists.org/oss-sec/2013/q2/111" }, { "name": "53079", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/53079" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-017" }, { "name": "[oss-security] 20130421 ownCloud Security Advisories (2013-017, 2013-018)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://seclists.org/oss-sec/2013/q2/133" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/johndyer/mediaelement/tree/2.11.1" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-1967", "datePublished": "2014-02-05T15:00:00", "dateReserved": "2013-02-19T00:00:00", "dateUpdated": "2024-08-06T15:20:37.506Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2016-4567
Vulnerability from fkie_nvd
Published
2016-05-22 01:59
Modified
2024-11-21 02:52
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mediaelementjs | mediaelement.js | * | |
wordpress | wordpress | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C1F3E4B-3818-4C0E-9BFA-B2183A8CE8D5", "versionEndIncluding": "2.20.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "matchCriteriaId": "DE5AB579-3BD2-49C4-9260-E8FB37637360", "versionEndIncluding": "4.5.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by \"jsinitfunctio%gn.\"" }, { "lang": "es", "value": "Vulnerabilidad de XSS en flash/FlashMediaElement.as en MediaElement.js en versiones anteriores a 2.21.0, como se utiliza en WordPress en versiones anteriores a 4.5.2, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de un formulario ofuscado del par\u00e1metro jsinitfunction, como es demostrado por \"jsinitfunctio%gn\"." 
} ], "id": "CVE-2016-4567", "lastModified": "2024-11-21T02:52:30.360", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-05-22T01:59:31.230", "references": [ { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2016/05/07/2" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035818" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://codex.wordpress.org/Version_4.5.2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://core.trac.wordpress.org/changeset/37371" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://github.com/johndyer/mediaelement/blob/master/changelog.md" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor 
Advisory" ], "url": "https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://wordpress.org/news/2016/05/wordpress-4-5-2/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/8488" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2016/05/07/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1035818" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://codex.wordpress.org/Version_4.5.2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://core.trac.wordpress.org/changeset/37371" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://github.com/johndyer/mediaelement/blob/master/changelog.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://wordpress.org/news/2016/05/wordpress-4-5-2/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://wpvulndb.com/vulnerabilities/8488" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
cve-2013-1967
Vulnerability from fkie_nvd
Published
2014-02-05 15:10
Modified
2024-11-21 01:50
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to inject arbitrary web script or HTML via the file parameter.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:*:*:*:*:*:*:*:*", "matchCriteriaId": "AAA26473-CFC6-47C4-AFE2-3054009C72B1", "versionEndIncluding": "2.11.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "240CE762-4A1C-4DA2-B3B2-CA62EE52D0A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "07E7E16E-4CEE-4A52-BBFB-A6B91F554F24", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "EF3BBB9D-E51F-45CE-80A2-8C941C61D226", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "1DE56777-4889-4EA5-ACCE-30E9BD4160BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "F2661722-5819-4A10-8E20-F55742FC4142", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "0D578448-06BC-4357-9869-F6A82ADF8454", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "61F877B3-EB9D-4EC1-8C41-47AC43D2B4C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C1917822-5F80-4D6B-B0EC-FBD19D6838B8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "66323183-39E6-4B61-8D02-31BABE830742", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4A1A46F6-4BD6-4C4D-BB80-C6F0248EBA43", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7D1FD461-CBFA-47B5-AFA9-F53493564CEC", "vulnerable": true }, { 
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "63CA46F2-D56C-4623-873F-03F76AE0967A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "D48EC6C3-FA37-4EBF-8E5E-3A2642078CE8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "C4067F47-07AE-49FD-ABF4-33639E1F82E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "F6982962-AF0F-4FBD-BEFE-684D82155DFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB916FFE-72D0-4952-A253-6AE469A390F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "688FC4B8-B09F-4F7D-98A5-B58127112588", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F6A45E1-EC36-4E80-8893-8BE16E8FBBD1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CA3BB08E-6D8E-4E38-8899-B464D49FCC6C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D9FEE2BB-48F2-41D5-BB15-C8A999406416", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "6A486DBC-85B8-4FEA-A353-EB31BEE48FED", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "AF65E521-43E8-4264-8871-59DA99ECF989", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "DBAA10E4-CDBA-4FD5-8651-F7598FA77129", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.7:*:*:*:*:*:*:*", 
"matchCriteriaId": "33CBE52A-ACEA-4111-B3E6-AB1336F171B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C3AF7654-E0E0-48EC-91BA-806F79391472", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "760B1D50-D216-4931-ACE0-1A1F4C317988", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "0CE0548B-A35B-431E-B42B-84CAB8E4EC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "CB61B69A-66B9-4C5C-A16B-1C3F9EEB15DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "5A65BF1E-61C7-4600-A1D0-D41D16A136A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4673260C-72A4-4E1F-8762-94A511828701", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "AEF5E7B9-08F9-40C4-BD4C-F540777BADCE", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "64830A8B-3066-4128-B66B-72EE83B3AEDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "E92C560A-8541-4E13-8605-D9821E2F2BD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "922C630F-B3AE-4FB6-BE62-02D86E71ADF0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "D07ED7E1-44B4-48A1-82B2-8E293E0AB65F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C35E695A-D051-49C0-8CED-1BF8BBE1DA81", "vulnerable": true }, { 
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6BDED28-1792-4B00-816A-F25AA3B63C3A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "EFF363EE-4C2C-46C5-91A0-41BEC3C35B5C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0FF4CF6E-0DAC-4F8F-8C26-00261B2A5A86", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "81E2112D-E069-43DF-AC97-413833190790", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18B789B0-EA7B-4374-BC57-6889B6734715", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "EFCB4FBC-DE26-4DFE-BC54-D4D9FBD4A968", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "469C4EF8-269F-4720-A795-EFBD4E416E98", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F5D42F6-7503-4CDE-88D0-CD864B4DDBEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "FAFAE329-FED7-4605-9412-0EC179052DAD", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "7F299E7B-91F8-43DA-816A-B57D39578A9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "72D1457F-B1BD-4F6C-AA9E-25E2C5A6CA5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "5C83BD72-FF91-459C-AB43-535ECF32F356", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.5.0:*:*:*:*:*:*:*", 
"matchCriteriaId": "D4BC3D75-F2D8-4F07-994D-68F6D1BCFA1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "C91E7FF3-72B0-4259-8251-57E4C8EDA96E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4B8CB5D-0C8C-48C2-AC35-8892345FC15D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "53EE9E64-AD8E-4977-A4A5-4844F1754A77", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "E20C7FBF-A9D5-42B0-A158-A96350F04DB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "E011E781-BC0D-4F82-990B-D6C3D9399D38", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "87334357-BC8E-4D84-80EC-DC4F5875BB76", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "44BC2156-5E22-4E91-ACFE-5FED3E243202", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E7A207B2-EF39-4B7D-A5CA-7888104A048C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "3BFDA2F2-1C4A-4F88-9064-C1B2BED96A86", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6359E2E1-D5E3-447D-AED4-8ECACF519744", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A36FA3C-15AE-451E-8501-EC16BC724B73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "FEFE7414-9B96-4F1D-91C5-CC696EAB9453", "vulnerable": true }, { 
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAF94D01-0957-4813-B7AE-83203C641375", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "EF0A4102-E5EB-4506-8885-1ED8E4E40D71", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "8B5C825F-7EEF-41B7-96BF-0422F8362321", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "03DBF23C-CFDC-4B45-85A6-308FC2B3B6D5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "EA8D9B75-C502-41DF-9BF4-443431B1EC7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0A0BE7-DC7B-4F26-8E76-C91D32B16A39", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "43977908-CF0D-4506-B79D-CB6BBB103202", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "B10A7BBC-ACEF-4688-BC82-8A2A3DA2495C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "B6CC7114-7EAF-4328-8026-11A7C988E379", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B362D262-CB7A-4987-AD26-406E20DE9BCD", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "DC3B9287-AC9F-488B-A6F4-1AC822BBBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:4.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF01655F-80A2-4A6B-9F30-18E39581F971", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:4.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E08AB56D-506A-4D31-AD83-12A5937393B4", 
"vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:4.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "99D723BA-E386-456D-8BC3-91390798B4B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:4.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "75538474-59FA-444C-865C-7B401A491476", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:4.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "9852A84C-BAA9-43E7-BD30-D6F5D752502E", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:4.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "BC86F25A-605B-4B1C-8E5A-8022CC59619F", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:4.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "2C77250D-017E-4907-923E-127227EB68CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:4.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "E1583C4C-6501-48ED-BF31-AFCF38C5D59F", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DF826F2B-83E1-4E64-A56C-B564028EBD6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "22A19441-2041-45DC-9F59-783C9B1FF9D5", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "43448288-B129-4210-9680-55836869F09F", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "78639CDB-3763-4E71-B4F9-E51E5A261A16", "vulnerable": true }, { "criteria": "cpe:2.3:a:owncloud:owncloud:5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "8DBE1CE3-7A8D-4C97-8066-F59C346A0494", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to inject arbitrary web script or HTML via the file parameter." 
}, { "lang": "es", "value": "Vulnerabilidad de XSS en flashmediaelement.swf en MediaElement.js anterior a 2.11.2, utilizado en OwnCloud Server 5.0.x anterior a 5.0.5 y 4.5.x anterior a 4.5.10, permite a atacantes remotos inyectar script Web o HTML arbitrario a trav\u00e9s del par\u00e1metro file." } ], "id": "CVE-2013-1967", "lastModified": "2024-11-21T01:50:45.970", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-02-05T15:10:05.017", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-017" }, { "source": "secalert@redhat.com", "url": "http://seclists.org/oss-sec/2013/q2/111" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://seclists.org/oss-sec/2013/q2/133" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/53079" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=955307" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83647" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Patch" ], "url": "https://github.com/johndyer/mediaelement/commit/9223dc6bfc50251a9a3cba0210e71be80fc38ecd" }, { "source": "secalert@redhat.com", "url": "https://github.com/johndyer/mediaelement/tree/2.11.1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ 
"Patch", "Vendor Advisory" ], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-017" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/oss-sec/2013/q2/111" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://seclists.org/oss-sec/2013/q2/133" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/53079" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=955307" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83647" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "https://github.com/johndyer/mediaelement/commit/9223dc6bfc50251a9a3cba0210e71be80fc38ecd" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/johndyer/mediaelement/tree/2.11.1" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }