jQuery jPlayer – CVE-2013-1942

Description

Kayran has detected multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component in the version of the jPlayer you use.

This allow remote attackers to inject arbitrary web scripts or HTML by using the “jQuery” or “id” parameters.

Severity/Score

CVSS Version 2.0 – 4.3 Medium

Recommendation

Update the version of your jPlayer.
Make sure its version is 2.2.20 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1942

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

HAR Files

In this article, I’ll talk and explain about HAR Files, so if you don’t know what they are, or, what do we use them for,

Read More »

Passwords 101

Unlike basketballs, “passwords” are things we don’t want to be passed around, especially in a society built around the idea that “mystery” is appealing. We

Read More »

Using VPN

What is a VPN? Why should someone be using VPN? Which Problems does is solve? and what is the advantages and disadvantages of it? Let’s

Read More »