2 matches found
CVE-2022-4928
CVE-2022-4928 affects icplayer up to version 0.819, where the AddonText_Selection_create function in addons/Text_Selection/src/presenter.js is vulnerable to cross-site scripting. The issue can be exploited remotely. Upgrading to version 0.820 mitigates the vulnerability (patch identifier 2223628e...
CVE-2022-4929
icplayer up to version 0.818 is affected by a cross-site scripting issue in addons/Commons/src/tts-utils.js. The vulnerability arises from the manipulation of that file and may be triggered remotely. The impact is limited to the affected component, with the known fix being an upgrade to version 0...