CVE-2019-25086
The CVE-2019-25086 entry describes a cross-site scripting (XSS) vulnerability in IET-OU Open Media Player up to version 1.5.0, affected by the webvtt function in application/controllers/timedtext.php. Manipulating the ttml_url parameter enables remote XSS. A fix is available in version 1.5.1, wit...