CVE-2013-2022
Published Aug 17, 2013
Last updated a year ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.23 allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id parameters, a different vulnerability than CVE-2013-1942 and CVE-2013-2023, as demonstrated by using the alert function in the jQuery parameter. NOTE: these are the same parameters as CVE-2013-1942, but the fix for CVE-2013-1942 uses a blacklist for the jQuery parameter.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:happyworm:jplayer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C1D31F6-F095-4098-9D84-FDB7496CAD07",
"versionEndIncluding": "2.2.22"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.1:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C05F0A8-2769-4583-A475-97712D557775"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.2:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C3991D8-DD4A-4622-A0E8-C65F9D73A429"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.3:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21F669D7-3D60-44BA-91F8-548C9903E1B7"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.4:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A84C5A87-0430-46F6-A136-39B471A79200"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:0.2.5:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "671BBCBC-7347-4884-8CF0-79626756FCCE"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF21E522-89C8-49D6-8437-C54CEAE4B234"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DDE1B6AA-052F-403D-B0E6-81505D085E51"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAACB377-B72E-4C3B-989D-8D33D47E449A"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:1.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A619C177-6E97-42DC-A93F-1AB9FF62F4B8"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29AD3C20-0352-44A2-81C5-94D43683545C"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2573E598-5171-4A4B-9054-7E52DD1C8118"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB9929D6-1BDE-438B-82F5-EA3CC85FD675"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4277499-5570-427E-AA92-39E622992F22"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D662512-9A68-48C9-8362-913B432C67CB"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "154075A2-89E5-4104-A5A8-98F7C90B000F"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9364A70E-06FA-4142-88D7-B5D50DC28025"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92A73773-E3E1-4E64-84F7-10A5AB52E8B8"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D1467D6-0988-4AC0-B56E-80BD9350088E"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C1F3549-1F8C-41AB-82BF-636531614594"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA58A0CE-0A37-4BD4-A727-7E2EB09668A1"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0A54796-F789-4645-B82A-2466FDA010B3"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C444A04-F6C4-45C2-9EDF-64D901003B7A"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5ECCC879-B1D0-4994-B650-1516ECE44E38"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3944BB3A-D84E-4536-BE69-0F5F5794271E"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D99BED98-6C3E-4088-98C6-3D07762261C4"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFFAB697-EE0D-4F59-9D99-E585F9F78414"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "018D71A2-7E77-42D1-8349-07681AEF08C0"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEC30B1A-0D62-4A25-8269-CAF087FD65A9"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0796C534-782E-4000-9CD1-678B918D1644"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59B1FBE8-DF84-4AC7-B4C4-A186354DB57A"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC6B210F-A45D-4C9F-9005-CCFC49CC01A6"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "490C6A01-F0AC-4E92-BE7F-A6579A587269"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2F18250-C5B8-4D30-8330-C07EB0A765EB"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76023F77-7B30-4283-B07A-6C4C0E3382A9"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0812334D-2679-4362-8EA3-C89E8786872C"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.26:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "252DD6F7-8489-4387-8797-F6018456AD7B"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.27:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7589B05C-E361-47CE-B5AB-70462348FC26"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.28:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D031586-D974-4B98-87CA-9695547B0080"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.29:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA2B1723-6C40-4992-BAE6-FCDB1C9AB7BD"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CBD668BB-C691-4A57-9E87-4AE2C2A9BC6D"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.31:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9431D12-58B7-4943-8E1C-80559BF83ACB"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.32:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F8733FE-C6FC-433F-91D5-A843486788B8"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.33:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "698CB307-8F9A-40DF-A992-1346FC36E8F6"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.34:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2CC42A34-54AD-4C9B-A664-3FE7E5D1C317"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.35:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4062AFBE-E501-447E-9C05-B7C07473D096"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.0.36:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD8467C8-9A25-45FF-8955-EDE06AA6ED50"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B35B9F1E-8FB0-4B3F-9CCE-A1A058A13582"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63C62C17-DB82-4770-9C25-C5571C0CFD7F"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2B6617C-7C6A-4A1D-8D7F-4BFB16253396"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08E970BC-1C31-4FB5-A848-A98CED0711D8"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B790B03-4E29-4C20-86A6-FBED36647789"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04DF09ED-1209-4C0C-A589-99D4049DB0C3"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9BF64FC2-CCB2-4709-81FB-6CFB1D6269C7"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EBA24DA7-D0F8-4478-97CA-3144C9E3E0C7"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85DC9D2C-B237-4C5C-91BC-41A765F6EA38"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D662D8BD-7C84-405F-8958-D61268318144"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E24FF8E-88D4-47F4-9144-D2FEA7F9D1CA"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB102921-177A-4290-904C-8369F83DD0E0"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8AF1864F-DC3B-4BBD-B809-C073C625DC76"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51C8FF95-B063-4777-8BE5-2E3FD2F41141"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBDEBEA6-4299-4390-A40D-448EB5D6B410"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E000589-7D68-47D5-80E6-20189C48600C"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B63C4ED-C675-4B02-AF70-899A2619BF8A"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D52294B4-7963-44C9-B577-80F41AB9F70A"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E5E7A83-6237-48E6-9E22-A2FAE00CF735"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C1F0DB8-2DC8-4D74-80C8-858FAD12C169"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43D27F0E-5C23-4294-9A88-DB280A32B26E"
},
{
"criteria": "cpe:2.3:a:happyworm:jplayer:2.2.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92E17A72-68E0-4731-A4FD-A91FB14A0D63"
}
],
"operator": "OR"
}
]
}
]