fkie_nvd - fkie_cve-2013-2023

fkie_cve-2013-2023

Vulnerability from fkie_nvd

Published

2013-08-15 17:55

Modified

2024-11-21 01:50

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than CVE-2013-1942 and CVE-2013-2022.

References

▼	URL	Tags
	secalert@redhat.com	http://marc.info/?l=oss-security&m=136570964825921&w=2
	secalert@redhat.com	http://marc.info/?l=oss-security&m=136726705917858&w=2
	secalert@redhat.com	http://marc.info/?l=oss-security&m=136773622321563&w=2
	secalert@redhat.com	http://seclists.org/fulldisclosure/2013/Apr/192
	secalert@redhat.com	http://www.jplayer.org/latest/release-notes/
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2013/06/27/7
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2013/07/04/5
	secalert@redhat.com	https://github.com/happyworm/jPlayer/commit/8ccc429598d62eebe9f65a0a4e6fd406a123c8b4
	secalert@redhat.com	https://github.com/happyworm/jPlayer/commit/c2417972af1295be8dcc07470b0e3d25b0a77e0b
	secalert@redhat.com	https://github.com/happyworm/jPlayer/issues/162
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=oss-security&m=136570964825921&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=oss-security&m=136726705917858&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=oss-security&m=136773622321563&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2013/Apr/192
	af854a3a-2127-422b-91ae-364da2661108	http://www.jplayer.org/latest/release-notes/
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2013/06/27/7
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2013/07/04/5
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/happyworm/jPlayer/commit/8ccc429598d62eebe9f65a0a4e6fd406a123c8b4
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/happyworm/jPlayer/commit/c2417972af1295be8dcc07470b0e3d25b0a77e0b
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/happyworm/jPlayer/issues/162

Impacted products

Vendor	Product	Version
happyworm	jplayer	*
happyworm	jplayer	0.2.1
happyworm	jplayer	0.2.2
happyworm	jplayer	0.2.3
happyworm	jplayer	0.2.4
happyworm	jplayer	0.2.5
happyworm	jplayer	1.0.0
happyworm	jplayer	1.1.0
happyworm	jplayer	1.1.1
happyworm	jplayer	1.2.0
happyworm	jplayer	2.0.0
happyworm	jplayer	2.0.1
happyworm	jplayer	2.0.2
happyworm	jplayer	2.0.3
happyworm	jplayer	2.0.4
happyworm	jplayer	2.0.5
happyworm	jplayer	2.0.6
happyworm	jplayer	2.0.7
happyworm	jplayer	2.0.8
happyworm	jplayer	2.0.9
happyworm	jplayer	2.0.10
happyworm	jplayer	2.0.11
happyworm	jplayer	2.0.12
happyworm	jplayer	2.0.13
happyworm	jplayer	2.0.14
happyworm	jplayer	2.0.15
happyworm	jplayer	2.0.16
happyworm	jplayer	2.0.17
happyworm	jplayer	2.0.18
happyworm	jplayer	2.0.19
happyworm	jplayer	2.0.20
happyworm	jplayer	2.0.21
happyworm	jplayer	2.0.22
happyworm	jplayer	2.0.23
happyworm	jplayer	2.0.24
happyworm	jplayer	2.0.25
happyworm	jplayer	2.0.26
happyworm	jplayer	2.0.27
happyworm	jplayer	2.0.28
happyworm	jplayer	2.0.29
happyworm	jplayer	2.0.30
happyworm	jplayer	2.0.31
happyworm	jplayer	2.0.32
happyworm	jplayer	2.0.33
happyworm	jplayer	2.0.34
happyworm	jplayer	2.0.35
happyworm	jplayer	2.0.36
happyworm	jplayer	2.1.0
happyworm	jplayer	2.1.1
happyworm	jplayer	2.1.2
happyworm	jplayer	2.1.3
happyworm	jplayer	2.1.4
happyworm	jplayer	2.1.5
happyworm	jplayer	2.1.6
happyworm	jplayer	2.2.0
happyworm	jplayer	2.2.1
happyworm	jplayer	2.2.2
happyworm	jplayer	2.2.3
happyworm	jplayer	2.2.4
happyworm	jplayer	2.2.5
happyworm	jplayer	2.2.6
happyworm	jplayer	2.2.7
happyworm	jplayer	2.2.8
happyworm	jplayer	2.2.9
happyworm	jplayer	2.2.10
happyworm	jplayer	2.2.11
happyworm	jplayer	2.2.12
happyworm	jplayer	2.2.13
happyworm	jplayer	2.2.14
happyworm	jplayer	2.2.15
happyworm	jplayer	2.2.16
happyworm	jplayer	2.2.17
happyworm	jplayer	2.2.18
happyworm	jplayer	2.2.19
happyworm	jplayer	2.2.20
happyworm	jplayer	2.2.21
happyworm	jplayer	2.2.22
happyworm	jplayer	2.2.23
happyworm	jplayer	2.2.24
happyworm	jplayer	2.2.25

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C5436CE-A80F-4885-A78B-074AE3C61403",
              "versionEndIncluding": "2.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:0.2.1:beta:*:*:*:*:*:*",
              "matchCriteriaId": "0C05F0A8-2769-4583-A475-97712D557775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:0.2.2:beta:*:*:*:*:*:*",
              "matchCriteriaId": "1C3991D8-DD4A-4622-A0E8-C65F9D73A429",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:0.2.3:beta:*:*:*:*:*:*",
              "matchCriteriaId": "21F669D7-3D60-44BA-91F8-548C9903E1B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:0.2.4:beta:*:*:*:*:*:*",
              "matchCriteriaId": "A84C5A87-0430-46F6-A136-39B471A79200",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:0.2.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "671BBCBC-7347-4884-8CF0-79626756FCCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF21E522-89C8-49D6-8437-C54CEAE4B234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE1B6AA-052F-403D-B0E6-81505D085E51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAACB377-B72E-4C3B-989D-8D33D47E449A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A619C177-6E97-42DC-A93F-1AB9FF62F4B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29AD3C20-0352-44A2-81C5-94D43683545C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2573E598-5171-4A4B-9054-7E52DD1C8118",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB9929D6-1BDE-438B-82F5-EA3CC85FD675",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4277499-5570-427E-AA92-39E622992F22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D662512-9A68-48C9-8362-913B432C67CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "154075A2-89E5-4104-A5A8-98F7C90B000F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9364A70E-06FA-4142-88D7-B5D50DC28025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "92A73773-E3E1-4E64-84F7-10A5AB52E8B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D1467D6-0988-4AC0-B56E-80BD9350088E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C1F3549-1F8C-41AB-82BF-636531614594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA58A0CE-0A37-4BD4-A727-7E2EB09668A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0A54796-F789-4645-B82A-2466FDA010B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C444A04-F6C4-45C2-9EDF-64D901003B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "5ECCC879-B1D0-4994-B650-1516ECE44E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "3944BB3A-D84E-4536-BE69-0F5F5794271E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99BED98-6C3E-4088-98C6-3D07762261C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFFAB697-EE0D-4F59-9D99-E585F9F78414",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "018D71A2-7E77-42D1-8349-07681AEF08C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEC30B1A-0D62-4A25-8269-CAF087FD65A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "0796C534-782E-4000-9CD1-678B918D1644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "59B1FBE8-DF84-4AC7-B4C4-A186354DB57A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC6B210F-A45D-4C9F-9005-CCFC49CC01A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "490C6A01-F0AC-4E92-BE7F-A6579A587269",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2F18250-C5B8-4D30-8330-C07EB0A765EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "76023F77-7B30-4283-B07A-6C4C0E3382A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "0812334D-2679-4362-8EA3-C89E8786872C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "252DD6F7-8489-4387-8797-F6018456AD7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "7589B05C-E361-47CE-B5AB-70462348FC26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D031586-D974-4B98-87CA-9695547B0080",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2B1723-6C40-4992-BAE6-FCDB1C9AB7BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBD668BB-C691-4A57-9E87-4AE2C2A9BC6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9431D12-58B7-4943-8E1C-80559BF83ACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8733FE-C6FC-433F-91D5-A843486788B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "698CB307-8F9A-40DF-A992-1346FC36E8F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CC42A34-54AD-4C9B-A664-3FE7E5D1C317",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4062AFBE-E501-447E-9C05-B7C07473D096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD8467C8-9A25-45FF-8955-EDE06AA6ED50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35B9F1E-8FB0-4B3F-9CCE-A1A058A13582",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C62C17-DB82-4770-9C25-C5571C0CFD7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2B6617C-7C6A-4A1D-8D7F-4BFB16253396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08E970BC-1C31-4FB5-A848-A98CED0711D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B790B03-4E29-4C20-86A6-FBED36647789",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "04DF09ED-1209-4C0C-A589-99D4049DB0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BF64FC2-CCB2-4709-81FB-6CFB1D6269C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA24DA7-D0F8-4478-97CA-3144C9E3E0C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "85DC9D2C-B237-4C5C-91BC-41A765F6EA38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D662D8BD-7C84-405F-8958-D61268318144",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B62E1BCC-14FC-42B1-B783-0314481C6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B9F733A-D5D5-453B-ACB7-45177BF44B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "30195444-2815-4D11-96EC-E2F401D681A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C7BFE4E-74B4-44B4-A64A-04311E8C1867",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCB595B-0E1D-4FA8-95C0-2C7972056B3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B8009A6-EDD4-4C00-A767-B72CC6E0F3D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DC0C8AC-EAD3-4067-B8E8-A217A1A91DF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E24FF8E-88D4-47F4-9144-D2FEA7F9D1CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB102921-177A-4290-904C-8369F83DD0E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AF1864F-DC3B-4BBD-B809-C073C625DC76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "51C8FF95-B063-4777-8BE5-2E3FD2F41141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBDEBEA6-4299-4390-A40D-448EB5D6B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E000589-7D68-47D5-80E6-20189C48600C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B63C4ED-C675-4B02-AF70-899A2619BF8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52294B4-7963-44C9-B577-80F41AB9F70A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E5E7A83-6237-48E6-9E22-A2FAE00CF735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C1F0DB8-2DC8-4D74-80C8-858FAD12C169",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D27F0E-5C23-4294-9A88-DB280A32B26E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "92E17A72-68E0-4731-A4FD-A91FB14A0D63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "79AC6B63-EFC7-48A2-A391-06FE06436058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "19FB840F-41A7-49FF-9CE1-7F4BE77B2261",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C617756-1215-4BC3-A18C-52C8B2366345",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B11463D-7F28-4251-A9D2-EC7FB7B4C713",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than CVE-2013-1942 and CVE-2013-2022."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de tipo cross-site scripting  (XSS) en el archivo actionscript/Jplayer.as en el componente Flash SWF (jplayer.swf) en jPlayer anterior a versi\u00f3n 2.3.1, permite a atacantes remotos inyectar script web o HTML por medio de vectores no especificados, posiblemente relacionados con listas negras incompletas, una vulnerabilidad diferente de CVE-2013-1942 y CVE-2013-2022."
    }
  ],
  "id": "CVE-2013-2023",
  "lastModified": "2024-11-21T01:50:53.050",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-08-15T17:55:24.447",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://seclists.org/fulldisclosure/2013/Apr/192"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.jplayer.org/latest/release-notes/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2013/06/27/7"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2013/07/04/5"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/happyworm/jPlayer/commit/8ccc429598d62eebe9f65a0a4e6fd406a123c8b4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/happyworm/jPlayer/commit/c2417972af1295be8dcc07470b0e3d25b0a77e0b"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/happyworm/jPlayer/issues/162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2013/Apr/192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.jplayer.org/latest/release-notes/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2013/06/27/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2013/07/04/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/happyworm/jPlayer/commit/8ccc429598d62eebe9f65a0a4e6fd406a123c8b4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/happyworm/jPlayer/commit/c2417972af1295be8dcc07470b0e3d25b0a77e0b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/happyworm/jPlayer/issues/162"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2013-2023

Vulnerability from cvelistv5

Published

2013-08-15 17:00

Modified

2024-08-06 15:20