Arbitrary Script Injection Vulnerability in jPlayer.swf

Arbitrary Script Injection Vulnerability in jPlayer.swf

CVE-2013-2023 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than CVE-2013-1942 and CVE-2013-2022.

Learn more about our Web App Pen Testing.