jQuery jPlayer – CVE-2013-2023


Kayran has detected multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in the version of the jPlayer you use.
This can happen possibly because there are incomplete blacklists.

This is a different vulnerability than CVE-2013-1942 and CVE-2013-2022.

This vulnerability allows remote attackers to inject arbitrary web scripts or any HTML by using unspecified vectors.


CVSS Version 2.0 – 4.3 Medium


Update the version of the jPlayer being used.
Make sure its version is 2.3.1 or higher.




< Return to all Vulnerabilities

Servers 101

Let’s have a “quick” Servers 101 Course. Courtesy of Kayran! If you’ve been on the internet for over an hour, you probably already heard of

Read More »

Using VPN

What is a VPN? Why should someone be using VPN? Which Problems does is solve? and what is the advantages and disadvantages of it? Let’s

Read More »