Search criteria
4 vulnerabilities found for jw_player by longtailvideo
CVE-2012-3351 (GCVE-0-2012-3351)
Vulnerability from nvd – Published: 2020-02-20 17:52 – Updated: 2024-08-06 20:05
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://developer.longtailvideo.com/trac/ticket/1585"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://technet.microsoft.com/security/msvr/msvr12-009"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/54101/discuss"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/55199/exploit"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37552"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37672"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-20T17:52:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://developer.longtailvideo.com/trac/ticket/1585"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://technet.microsoft.com/security/msvr/msvr12-009"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/54101/discuss"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/55199/exploit"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploit-db.com/exploits/37552"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploit-db.com/exploits/37672"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://developer.longtailvideo.com/trac/ticket/1585",
"refsource": "MISC",
"url": "http://developer.longtailvideo.com/trac/ticket/1585"
},
{
"name": "http://technet.microsoft.com/security/msvr/msvr12-009",
"refsource": "MISC",
"url": "http://technet.microsoft.com/security/msvr/msvr12-009"
},
{
"name": "https://www.securityfocus.com/bid/54101/discuss",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/54101/discuss"
},
{
"name": "https://www.securityfocus.com/bid/55199/exploit",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/55199/exploit"
},
{
"name": "https://www.exploit-db.com/exploits/37552",
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/37552"
},
{
"name": "https://www.exploit-db.com/exploits/37672",
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/37672"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3351",
"datePublished": "2020-02-20T17:52:01",
"dateReserved": "2012-06-13T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2904 (GCVE-0-2012-2904)
Vulnerability from nvd – Published: 2012-05-21 18:00 – Updated: 2024-08-06 19:50
VLAI?
Summary
player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting (XSS) attacks to inject arbitrary web script or HTML via multiple "javascript:" sequences in the debug parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:05.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.longtailvideo.com/support/forums/jw-player/bug-reports/26699/xss-exists-in-debug-functionality"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.wooyun.org/bugs/wooyun-2010-07166"
},
{
"name": "jwplayer-player-debug-xss(75672)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75672"
},
{
"name": "49130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49130"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://developer.longtailvideo.com/trac/ticket/1585"
},
{
"name": "53554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53554"
},
{
"name": "20120516 JW player xss security flaw",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2012/May/132"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting (XSS) attacks to inject arbitrary web script or HTML via multiple \"javascript:\" sequences in the debug parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.longtailvideo.com/support/forums/jw-player/bug-reports/26699/xss-exists-in-debug-functionality"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.wooyun.org/bugs/wooyun-2010-07166"
},
{
"name": "jwplayer-player-debug-xss(75672)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75672"
},
{
"name": "49130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49130"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://developer.longtailvideo.com/trac/ticket/1585"
},
{
"name": "53554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53554"
},
{
"name": "20120516 JW player xss security flaw",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2012/May/132"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting (XSS) attacks to inject arbitrary web script or HTML via multiple \"javascript:\" sequences in the debug parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.longtailvideo.com/support/forums/jw-player/bug-reports/26699/xss-exists-in-debug-functionality",
"refsource": "CONFIRM",
"url": "http://www.longtailvideo.com/support/forums/jw-player/bug-reports/26699/xss-exists-in-debug-functionality"
},
{
"name": "http://www.wooyun.org/bugs/wooyun-2010-07166",
"refsource": "MISC",
"url": "http://www.wooyun.org/bugs/wooyun-2010-07166"
},
{
"name": "jwplayer-player-debug-xss(75672)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75672"
},
{
"name": "49130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49130"
},
{
"name": "http://developer.longtailvideo.com/trac/ticket/1585",
"refsource": "CONFIRM",
"url": "http://developer.longtailvideo.com/trac/ticket/1585"
},
{
"name": "53554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53554"
},
{
"name": "20120516 JW player xss security flaw",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2012/May/132"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2904",
"datePublished": "2012-05-21T18:00:00",
"dateReserved": "2012-05-21T00:00:00",
"dateUpdated": "2024-08-06T19:50:05.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3351 (GCVE-0-2012-3351)
Vulnerability from cvelistv5 – Published: 2020-02-20 17:52 – Updated: 2024-08-06 20:05
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://developer.longtailvideo.com/trac/ticket/1585"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://technet.microsoft.com/security/msvr/msvr12-009"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/54101/discuss"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/55199/exploit"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37552"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37672"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-20T17:52:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://developer.longtailvideo.com/trac/ticket/1585"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://technet.microsoft.com/security/msvr/msvr12-009"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/54101/discuss"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/55199/exploit"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploit-db.com/exploits/37552"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploit-db.com/exploits/37672"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://developer.longtailvideo.com/trac/ticket/1585",
"refsource": "MISC",
"url": "http://developer.longtailvideo.com/trac/ticket/1585"
},
{
"name": "http://technet.microsoft.com/security/msvr/msvr12-009",
"refsource": "MISC",
"url": "http://technet.microsoft.com/security/msvr/msvr12-009"
},
{
"name": "https://www.securityfocus.com/bid/54101/discuss",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/54101/discuss"
},
{
"name": "https://www.securityfocus.com/bid/55199/exploit",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/55199/exploit"
},
{
"name": "https://www.exploit-db.com/exploits/37552",
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/37552"
},
{
"name": "https://www.exploit-db.com/exploits/37672",
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/37672"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3351",
"datePublished": "2020-02-20T17:52:01",
"dateReserved": "2012-06-13T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2904 (GCVE-0-2012-2904)
Vulnerability from cvelistv5 – Published: 2012-05-21 18:00 – Updated: 2024-08-06 19:50
VLAI?
Summary
player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting (XSS) attacks to inject arbitrary web script or HTML via multiple "javascript:" sequences in the debug parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:05.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.longtailvideo.com/support/forums/jw-player/bug-reports/26699/xss-exists-in-debug-functionality"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.wooyun.org/bugs/wooyun-2010-07166"
},
{
"name": "jwplayer-player-debug-xss(75672)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75672"
},
{
"name": "49130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49130"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://developer.longtailvideo.com/trac/ticket/1585"
},
{
"name": "53554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53554"
},
{
"name": "20120516 JW player xss security flaw",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2012/May/132"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting (XSS) attacks to inject arbitrary web script or HTML via multiple \"javascript:\" sequences in the debug parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.longtailvideo.com/support/forums/jw-player/bug-reports/26699/xss-exists-in-debug-functionality"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.wooyun.org/bugs/wooyun-2010-07166"
},
{
"name": "jwplayer-player-debug-xss(75672)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75672"
},
{
"name": "49130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49130"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://developer.longtailvideo.com/trac/ticket/1585"
},
{
"name": "53554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53554"
},
{
"name": "20120516 JW player xss security flaw",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2012/May/132"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting (XSS) attacks to inject arbitrary web script or HTML via multiple \"javascript:\" sequences in the debug parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.longtailvideo.com/support/forums/jw-player/bug-reports/26699/xss-exists-in-debug-functionality",
"refsource": "CONFIRM",
"url": "http://www.longtailvideo.com/support/forums/jw-player/bug-reports/26699/xss-exists-in-debug-functionality"
},
{
"name": "http://www.wooyun.org/bugs/wooyun-2010-07166",
"refsource": "MISC",
"url": "http://www.wooyun.org/bugs/wooyun-2010-07166"
},
{
"name": "jwplayer-player-debug-xss(75672)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75672"
},
{
"name": "49130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49130"
},
{
"name": "http://developer.longtailvideo.com/trac/ticket/1585",
"refsource": "CONFIRM",
"url": "http://developer.longtailvideo.com/trac/ticket/1585"
},
{
"name": "53554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53554"
},
{
"name": "20120516 JW player xss security flaw",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2012/May/132"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2904",
"datePublished": "2012-05-21T18:00:00",
"dateReserved": "2012-05-21T00:00:00",
"dateUpdated": "2024-08-06T19:50:05.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}