2 matches found
CVE-2012-2904
player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting XSS attacks to inject arbitrary web script or HTML via multiple "javascript:" sequences in the debug parameter...
CVE-2012-2904
CVE-2012-2904 affects LongTail JW Player 5.9 (player.swf). The vulnerability is a cross-site scripting (XSS) flaw in the debug parameter, exploitable via multiple "javascript:" sequences to inject arbitrary web script or HTML. Root cause is insufficient input handling in the debug functionality. ...