FKIE_CVE-2013-2023

Vulnerability from fkie_nvd - Published: 2013-08-15 17:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than CVE-2013-1942 and CVE-2013-2022.
References
secalert@redhat.comhttp://marc.info/?l=oss-security&m=136570964825921&w=2
secalert@redhat.comhttp://marc.info/?l=oss-security&m=136726705917858&w=2
secalert@redhat.comhttp://marc.info/?l=oss-security&m=136773622321563&w=2
secalert@redhat.comhttp://seclists.org/fulldisclosure/2013/Apr/192
secalert@redhat.comhttp://www.jplayer.org/latest/release-notes/
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2013/06/27/7
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2013/07/04/5
secalert@redhat.comhttps://github.com/happyworm/jPlayer/commit/8ccc429598d62eebe9f65a0a4e6fd406a123c8b4
secalert@redhat.comhttps://github.com/happyworm/jPlayer/commit/c2417972af1295be8dcc07470b0e3d25b0a77e0b
secalert@redhat.comhttps://github.com/happyworm/jPlayer/issues/162
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=oss-security&m=136570964825921&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=oss-security&m=136726705917858&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=oss-security&m=136773622321563&w=2
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2013/Apr/192
af854a3a-2127-422b-91ae-364da2661108http://www.jplayer.org/latest/release-notes/
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2013/06/27/7
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2013/07/04/5
af854a3a-2127-422b-91ae-364da2661108https://github.com/happyworm/jPlayer/commit/8ccc429598d62eebe9f65a0a4e6fd406a123c8b4
af854a3a-2127-422b-91ae-364da2661108https://github.com/happyworm/jPlayer/commit/c2417972af1295be8dcc07470b0e3d25b0a77e0b
af854a3a-2127-422b-91ae-364da2661108https://github.com/happyworm/jPlayer/issues/162
Impacted products
Vendor Product Version
happyworm jplayer *
happyworm jplayer 0.2.1
happyworm jplayer 0.2.2
happyworm jplayer 0.2.3
happyworm jplayer 0.2.4
happyworm jplayer 0.2.5
happyworm jplayer 1.0.0
happyworm jplayer 1.1.0
happyworm jplayer 1.1.1
happyworm jplayer 1.2.0
happyworm jplayer 2.0.0
happyworm jplayer 2.0.1
happyworm jplayer 2.0.2
happyworm jplayer 2.0.3
happyworm jplayer 2.0.4
happyworm jplayer 2.0.5
happyworm jplayer 2.0.6
happyworm jplayer 2.0.7
happyworm jplayer 2.0.8
happyworm jplayer 2.0.9
happyworm jplayer 2.0.10
happyworm jplayer 2.0.11
happyworm jplayer 2.0.12
happyworm jplayer 2.0.13
happyworm jplayer 2.0.14
happyworm jplayer 2.0.15
happyworm jplayer 2.0.16
happyworm jplayer 2.0.17
happyworm jplayer 2.0.18
happyworm jplayer 2.0.19
happyworm jplayer 2.0.20
happyworm jplayer 2.0.21
happyworm jplayer 2.0.22
happyworm jplayer 2.0.23
happyworm jplayer 2.0.24
happyworm jplayer 2.0.25
happyworm jplayer 2.0.26
happyworm jplayer 2.0.27
happyworm jplayer 2.0.28
happyworm jplayer 2.0.29
happyworm jplayer 2.0.30
happyworm jplayer 2.0.31
happyworm jplayer 2.0.32
happyworm jplayer 2.0.33
happyworm jplayer 2.0.34
happyworm jplayer 2.0.35
happyworm jplayer 2.0.36
happyworm jplayer 2.1.0
happyworm jplayer 2.1.1
happyworm jplayer 2.1.2
happyworm jplayer 2.1.3
happyworm jplayer 2.1.4
happyworm jplayer 2.1.5
happyworm jplayer 2.1.6
happyworm jplayer 2.2.0
happyworm jplayer 2.2.1
happyworm jplayer 2.2.2
happyworm jplayer 2.2.3
happyworm jplayer 2.2.4
happyworm jplayer 2.2.5
happyworm jplayer 2.2.6
happyworm jplayer 2.2.7
happyworm jplayer 2.2.8
happyworm jplayer 2.2.9
happyworm jplayer 2.2.10
happyworm jplayer 2.2.11
happyworm jplayer 2.2.12
happyworm jplayer 2.2.13
happyworm jplayer 2.2.14
happyworm jplayer 2.2.15
happyworm jplayer 2.2.16
happyworm jplayer 2.2.17
happyworm jplayer 2.2.18
happyworm jplayer 2.2.19
happyworm jplayer 2.2.20
happyworm jplayer 2.2.21
happyworm jplayer 2.2.22
happyworm jplayer 2.2.23
happyworm jplayer 2.2.24
happyworm jplayer 2.2.25
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C5436CE-A80F-4885-A78B-074AE3C61403",
              "versionEndIncluding": "2.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:0.2.1:beta:*:*:*:*:*:*",
              "matchCriteriaId": "0C05F0A8-2769-4583-A475-97712D557775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:0.2.2:beta:*:*:*:*:*:*",
              "matchCriteriaId": "1C3991D8-DD4A-4622-A0E8-C65F9D73A429",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:0.2.3:beta:*:*:*:*:*:*",
              "matchCriteriaId": "21F669D7-3D60-44BA-91F8-548C9903E1B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:0.2.4:beta:*:*:*:*:*:*",
              "matchCriteriaId": "A84C5A87-0430-46F6-A136-39B471A79200",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:0.2.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "671BBCBC-7347-4884-8CF0-79626756FCCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF21E522-89C8-49D6-8437-C54CEAE4B234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE1B6AA-052F-403D-B0E6-81505D085E51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAACB377-B72E-4C3B-989D-8D33D47E449A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A619C177-6E97-42DC-A93F-1AB9FF62F4B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29AD3C20-0352-44A2-81C5-94D43683545C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2573E598-5171-4A4B-9054-7E52DD1C8118",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB9929D6-1BDE-438B-82F5-EA3CC85FD675",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4277499-5570-427E-AA92-39E622992F22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D662512-9A68-48C9-8362-913B432C67CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "154075A2-89E5-4104-A5A8-98F7C90B000F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9364A70E-06FA-4142-88D7-B5D50DC28025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "92A73773-E3E1-4E64-84F7-10A5AB52E8B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D1467D6-0988-4AC0-B56E-80BD9350088E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C1F3549-1F8C-41AB-82BF-636531614594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA58A0CE-0A37-4BD4-A727-7E2EB09668A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0A54796-F789-4645-B82A-2466FDA010B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C444A04-F6C4-45C2-9EDF-64D901003B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "5ECCC879-B1D0-4994-B650-1516ECE44E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "3944BB3A-D84E-4536-BE69-0F5F5794271E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99BED98-6C3E-4088-98C6-3D07762261C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFFAB697-EE0D-4F59-9D99-E585F9F78414",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "018D71A2-7E77-42D1-8349-07681AEF08C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEC30B1A-0D62-4A25-8269-CAF087FD65A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "0796C534-782E-4000-9CD1-678B918D1644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "59B1FBE8-DF84-4AC7-B4C4-A186354DB57A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC6B210F-A45D-4C9F-9005-CCFC49CC01A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "490C6A01-F0AC-4E92-BE7F-A6579A587269",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2F18250-C5B8-4D30-8330-C07EB0A765EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "76023F77-7B30-4283-B07A-6C4C0E3382A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "0812334D-2679-4362-8EA3-C89E8786872C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "252DD6F7-8489-4387-8797-F6018456AD7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "7589B05C-E361-47CE-B5AB-70462348FC26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D031586-D974-4B98-87CA-9695547B0080",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2B1723-6C40-4992-BAE6-FCDB1C9AB7BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBD668BB-C691-4A57-9E87-4AE2C2A9BC6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9431D12-58B7-4943-8E1C-80559BF83ACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8733FE-C6FC-433F-91D5-A843486788B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "698CB307-8F9A-40DF-A992-1346FC36E8F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CC42A34-54AD-4C9B-A664-3FE7E5D1C317",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "4062AFBE-E501-447E-9C05-B7C07473D096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD8467C8-9A25-45FF-8955-EDE06AA6ED50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35B9F1E-8FB0-4B3F-9CCE-A1A058A13582",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C62C17-DB82-4770-9C25-C5571C0CFD7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2B6617C-7C6A-4A1D-8D7F-4BFB16253396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08E970BC-1C31-4FB5-A848-A98CED0711D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B790B03-4E29-4C20-86A6-FBED36647789",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "04DF09ED-1209-4C0C-A589-99D4049DB0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BF64FC2-CCB2-4709-81FB-6CFB1D6269C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA24DA7-D0F8-4478-97CA-3144C9E3E0C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "85DC9D2C-B237-4C5C-91BC-41A765F6EA38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D662D8BD-7C84-405F-8958-D61268318144",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B62E1BCC-14FC-42B1-B783-0314481C6D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B9F733A-D5D5-453B-ACB7-45177BF44B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "30195444-2815-4D11-96EC-E2F401D681A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C7BFE4E-74B4-44B4-A64A-04311E8C1867",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCB595B-0E1D-4FA8-95C0-2C7972056B3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B8009A6-EDD4-4C00-A767-B72CC6E0F3D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DC0C8AC-EAD3-4067-B8E8-A217A1A91DF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E24FF8E-88D4-47F4-9144-D2FEA7F9D1CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB102921-177A-4290-904C-8369F83DD0E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AF1864F-DC3B-4BBD-B809-C073C625DC76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "51C8FF95-B063-4777-8BE5-2E3FD2F41141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBDEBEA6-4299-4390-A40D-448EB5D6B410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E000589-7D68-47D5-80E6-20189C48600C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B63C4ED-C675-4B02-AF70-899A2619BF8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "D52294B4-7963-44C9-B577-80F41AB9F70A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E5E7A83-6237-48E6-9E22-A2FAE00CF735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C1F0DB8-2DC8-4D74-80C8-858FAD12C169",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D27F0E-5C23-4294-9A88-DB280A32B26E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "92E17A72-68E0-4731-A4FD-A91FB14A0D63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "79AC6B63-EFC7-48A2-A391-06FE06436058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "19FB840F-41A7-49FF-9CE1-7F4BE77B2261",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C617756-1215-4BC3-A18C-52C8B2366345",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:happyworm:jplayer:2.2.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B11463D-7F28-4251-A9D2-EC7FB7B4C713",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than CVE-2013-1942 and CVE-2013-2022."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de tipo cross-site scripting  (XSS) en el archivo actionscript/Jplayer.as en el componente Flash SWF (jplayer.swf) en jPlayer anterior a versi\u00f3n 2.3.1, permite a atacantes remotos inyectar script web o HTML por medio de vectores no especificados, posiblemente relacionados con listas negras incompletas, una vulnerabilidad diferente de CVE-2013-1942 y CVE-2013-2022."
    }
  ],
  "id": "CVE-2013-2023",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-08-15T17:55:24.447",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://seclists.org/fulldisclosure/2013/Apr/192"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.jplayer.org/latest/release-notes/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2013/06/27/7"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2013/07/04/5"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/happyworm/jPlayer/commit/8ccc429598d62eebe9f65a0a4e6fd406a123c8b4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/happyworm/jPlayer/commit/c2417972af1295be8dcc07470b0e3d25b0a77e0b"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/happyworm/jPlayer/issues/162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=136570964825921\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=136726705917858\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=136773622321563\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2013/Apr/192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.jplayer.org/latest/release-notes/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2013/06/27/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2013/07/04/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/happyworm/jPlayer/commit/8ccc429598d62eebe9f65a0a4e6fd406a123c8b4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/happyworm/jPlayer/commit/c2417972af1295be8dcc07470b0e3d25b0a77e0b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/happyworm/jPlayer/issues/162"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.