CVE-2013-1967
Published Feb 5, 2014
Last updated 7 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to inject arbitrary web script or HTML via the file parameter.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AAA26473-CFC6-47C4-AFE2-3054009C72B1",
"versionEndIncluding": "2.11.1"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "240CE762-4A1C-4DA2-B3B2-CA62EE52D0A3"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07E7E16E-4CEE-4A52-BBFB-A6B91F554F24"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF3BBB9D-E51F-45CE-80A2-8C941C61D226"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DE56777-4889-4EA5-ACCE-30E9BD4160BC"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2661722-5819-4A10-8E20-F55742FC4142"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D578448-06BC-4357-9869-F6A82ADF8454"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61F877B3-EB9D-4EC1-8C41-47AC43D2B4C5"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1917822-5F80-4D6B-B0EC-FBD19D6838B8"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66323183-39E6-4B61-8D02-31BABE830742"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A1A46F6-4BD6-4C4D-BB80-C6F0248EBA43"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D1FD461-CBFA-47B5-AFA9-F53493564CEC"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63CA46F2-D56C-4623-873F-03F76AE0967A"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D48EC6C3-FA37-4EBF-8E5E-3A2642078CE8"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4067F47-07AE-49FD-ABF4-33639E1F82E0"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6982962-AF0F-4FBD-BEFE-684D82155DFA"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB916FFE-72D0-4952-A253-6AE469A390F3"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "688FC4B8-B09F-4F7D-98A5-B58127112588"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F6A45E1-EC36-4E80-8893-8BE16E8FBBD1"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA3BB08E-6D8E-4E38-8899-B464D49FCC6C"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9FEE2BB-48F2-41D5-BB15-C8A999406416"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A486DBC-85B8-4FEA-A353-EB31BEE48FED"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF65E521-43E8-4264-8871-59DA99ECF989"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBAA10E4-CDBA-4FD5-8651-F7598FA77129"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33CBE52A-ACEA-4111-B3E6-AB1336F171B3"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3AF7654-E0E0-48EC-91BA-806F79391472"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "760B1D50-D216-4931-ACE0-1A1F4C317988"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CE0548B-A35B-431E-B42B-84CAB8E4EC1D"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB61B69A-66B9-4C5C-A16B-1C3F9EEB15DD"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A65BF1E-61C7-4600-A1D0-D41D16A136A7"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4673260C-72A4-4E1F-8762-94A511828701"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEF5E7B9-08F9-40C4-BD4C-F540777BADCE"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64830A8B-3066-4128-B66B-72EE83B3AEDC"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E92C560A-8541-4E13-8605-D9821E2F2BD8"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "922C630F-B3AE-4FB6-BE62-02D86E71ADF0"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D07ED7E1-44B4-48A1-82B2-8E293E0AB65F"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C35E695A-D051-49C0-8CED-1BF8BBE1DA81"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6BDED28-1792-4B00-816A-F25AA3B63C3A"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFF363EE-4C2C-46C5-91A0-41BEC3C35B5C"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0FF4CF6E-0DAC-4F8F-8C26-00261B2A5A86"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "81E2112D-E069-43DF-AC97-413833190790"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18B789B0-EA7B-4374-BC57-6889B6734715"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFCB4FBC-DE26-4DFE-BC54-D4D9FBD4A968"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "469C4EF8-269F-4720-A795-EFBD4E416E98"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F5D42F6-7503-4CDE-88D0-CD864B4DDBEC"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAFAE329-FED7-4605-9412-0EC179052DAD"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F299E7B-91F8-43DA-816A-B57D39578A9A"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72D1457F-B1BD-4F6C-AA9E-25E2C5A6CA5B"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C83BD72-FF91-459C-AB43-535ECF32F356"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4BC3D75-F2D8-4F07-994D-68F6D1BCFA1C"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C91E7FF3-72B0-4259-8251-57E4C8EDA96E"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4B8CB5D-0C8C-48C2-AC35-8892345FC15D"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53EE9E64-AD8E-4977-A4A5-4844F1754A77"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E20C7FBF-A9D5-42B0-A158-A96350F04DB4"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E011E781-BC0D-4F82-990B-D6C3D9399D38"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "87334357-BC8E-4D84-80EC-DC4F5875BB76"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44BC2156-5E22-4E91-ACFE-5FED3E243202"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7A207B2-EF39-4B7D-A5CA-7888104A048C"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BFDA2F2-1C4A-4F88-9064-C1B2BED96A86"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6359E2E1-D5E3-447D-AED4-8ECACF519744"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A36FA3C-15AE-451E-8501-EC16BC724B73"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEFE7414-9B96-4F1D-91C5-CC696EAB9453"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EAF94D01-0957-4813-B7AE-83203C641375"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF0A4102-E5EB-4506-8885-1ED8E4E40D71"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B5C825F-7EEF-41B7-96BF-0422F8362321"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03DBF23C-CFDC-4B45-85A6-308FC2B3B6D5"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA8D9B75-C502-41DF-9BF4-443431B1EC7E"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D0A0BE7-DC7B-4F26-8E76-C91D32B16A39"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43977908-CF0D-4506-B79D-CB6BBB103202"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B10A7BBC-ACEF-4688-BC82-8A2A3DA2495C"
},
{
"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.11.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6CC7114-7EAF-4328-8026-11A7C988E379"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B362D262-CB7A-4987-AD26-406E20DE9BCD"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC3B9287-AC9F-488B-A6F4-1AC822BBBAE4"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF01655F-80A2-4A6B-9F30-18E39581F971"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E08AB56D-506A-4D31-AD83-12A5937393B4"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "99D723BA-E386-456D-8BC3-91390798B4B4"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75538474-59FA-444C-865C-7B401A491476"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9852A84C-BAA9-43E7-BD30-D6F5D752502E"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC86F25A-605B-4B1C-8E5A-8022CC59619F"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C77250D-017E-4907-923E-127227EB68CC"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:4.5.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1583C4C-6501-48ED-BF31-AFCF38C5D59F"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF826F2B-83E1-4E64-A56C-B564028EBD6A"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22A19441-2041-45DC-9F59-783C9B1FF9D5"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43448288-B129-4210-9680-55836869F09F"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78639CDB-3763-4E71-B4F9-E51E5A261A16"
},
{
"criteria": "cpe:2.3:a:owncloud:owncloud:5.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DBE1CE3-7A8D-4C97-8066-F59C346A0494"
}
],
"operator": "OR"
}
]
}
]