3 matches found
SUSE CVE-2013-3565
Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...
Mageia: Security Advisory (MGASA-2013-0241)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-3565
CVE-2013-3565 affects VideoLAN VLC Media Player through its HTTP Interface, with multiple XSS vulnerabilities in the web UI. Versions prior to 2.0.7 are affected. An attacker can craft requests to the HTTP endpoints (requests/vlm_cmd.xml, requests/browse.xml) or include a URI in a request, which ...