Description
Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than CVE-2013-1942 and CVE-2013-2022.
Remediation
References
Related Vulnerabilities
WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-17359)
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21019)
Joomla! Core 2.5.x Cross-Site Scripting (2.5.0 - 2.5.9)
WordPress Plugin ThinkTwit Cross-Site Scripting (1.7.0)
WordPress Plugin Top 10-Popular posts for WordPress Cross-Site Request Forgery (1.9.2)