Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2013-7341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, a...

4.3CVSS5.5AI score0.02405EPSS
Exploits1References2
Veracode
Veracode
added 2018/11/16 8:4 a.m.24 views

Cross-Site Scripting (XSS)

flowplayer is vulnerable to cross-site scripting. A remote attacker is able to inject arbitrary Javascript into a victim's browser via the callback parameter in the Flash fallback feature, allowing the attacker to steal session tokens or perform unwanted actions on behalf of the user. This...

4.3CVSS5.8AI score0.02405EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2014/03/24 2:20 p.m.38 views

CVE-2013-7341

Multiple cross-site scripting XSS vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by 1 providing a crafted playerId or 2 referencing a...

4.3CVSS5.7AI score0.02405EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2014/03/24 2:20 p.m.25 views

CVE-2013-7341

Multiple cross-site scripting XSS vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by 1 providing a crafted playerId or 2 referencing a...

4.3CVSS5.9AI score0.02405EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2014/03/24 2:20 p.m.34 views

CVE-2013-7342

Cross-site scripting XSS vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.1 allows remote attackers to inject arbitrary web script or HTML via the callback parameter, a related issue to CVE-2013-7341...

4.3CVSS6AI score0.01474EPSS
Exploits1References3
Prion
Prion
added 2014/03/24 2:20 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.1 allows remote attackers to inject arbitrary web script or HTML via the callback parameter, a related issue to CVE-2013-7341...

4.3CVSS6AI score0.02405EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2014/03/22 1:0 a.m.41 views

CVE-2013-7341

Multiple cross-site scripting XSS vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by 1 providing a crafted playerId or 2 referencing a...

5.7AI score0.02405EPSS
Exploits0References5
CVE
CVE
added 2014/03/22 1:0 a.m.61 views

CVE-2013-7341

CVE-2013-7341 refers to multiple XSS vulnerabilities in Flowplayer Flash before 3.2.17, exploited via Moodle integrations up to Moodle 2.4.9 (and related 2.3.x, 2.4.x, 2.5.x, 2.6.x series). The vulnerabilities allow remote attackers to inject arbitrary scripts/HTML by (1) supplying a crafted play...

4.3CVSS5.8AI score0.02405EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder