CVEDB API

Vulnerabilities

Vulnerable Software

Longtailvideo: Security Vulnerabilities

CVE-2012-3351

Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript.

CVSS Score

6.1

EPSS Score

0.017

Published

2020-02-20

CVE-2014-4030

Cross-site request forgery (CSRF) vulnerability in the JW Player plugin before 2.1.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that remove players via a delete action to wp-admin/admin.php.

CVSS Score

6.8

EPSS Score

0.003

Published

2014-06-25

CVE-2012-2904

player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting (XSS) attacks to inject arbitrary web script or HTML via multiple "javascript:" sequences in the debug parameter.

CVSS Score

4.3

EPSS Score

0.022

Published

2012-05-21

Page 1

Vulnerabilities

Vulnerable Software

Longtailvideo: Security Vulnerabilities

Products

Pricing

Contact Us