{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-04-11T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to inject arbitrary web script or HTML via the file parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "mediaelementjs-flashmediaelement-xss(83647)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83647"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/johndyer/mediaelement/commit/9223dc6bfc50251a9a3cba0210e71be80fc38ecd"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=955307"}, {"name": "[oss-security] 20130417 Fwd: Re: CVE Request: ownCloud 5.0.5 and 4.5.10", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://seclists.org/oss-sec/2013/q2/111"}, {"name": "53079", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/53079"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-017"}, {"name": "[oss-security] 20130421 ownCloud Security Advisories (2013-017, 2013-018)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://seclists.org/oss-sec/2013/q2/133"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/johndyer/mediaelement/tree/2.11.1"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:20:37.506Z"}, "title": "CVE Program Container", "references": [{"name": "mediaelementjs-flashmediaelement-xss(83647)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83647"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/johndyer/mediaelement/commit/9223dc6bfc50251a9a3cba0210e71be80fc38ecd"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=955307"}, {"name": "[oss-security] 20130417 Fwd: Re: CVE Request: ownCloud 5.0.5 and 4.5.10", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://seclists.org/oss-sec/2013/q2/111"}, {"name": "53079", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/53079"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-017"}, {"name": "[oss-security] 20130421 ownCloud Security Advisories (2013-017, 2013-018)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://seclists.org/oss-sec/2013/q2/133"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/johndyer/mediaelement/tree/2.11.1"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-1967", "datePublished": "2014-02-05T15:00:00", "dateReserved": "2013-02-19T00:00:00", "dateUpdated": "2024-08-06T15:20:37.506Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:*:*:*:*:*:*:*:*", "matchCriteriaId": "AAA26473-CFC6-47C4-AFE2-3054009C72B1", "versionEndIncluding": "2.11.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "240CE762-4A1C-4DA2-B3B2-CA62EE52D0A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "07E7E16E-4CEE-4A52-BBFB-A6B91F554F24", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "EF3BBB9D-E51F-45CE-80A2-8C941C61D226", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "1DE56777-4889-4EA5-ACCE-30E9BD4160BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "F2661722-5819-4A10-8E20-F55742FC4142", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "0D578448-06BC-4357-9869-F6A82ADF8454", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "61F877B3-EB9D-4EC1-8C41-47AC43D2B4C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C1917822-5F80-4D6B-B0EC-FBD19D6838B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "66323183-39E6-4B61-8D02-31BABE830742", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4A1A46F6-4BD6-4C4D-BB80-C6F0248EBA43", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7D1FD461-CBFA-47B5-AFA9-F53493564CEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "63CA46F2-D56C-4623-873F-03F76AE0967A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "D48EC6C3-FA37-4EBF-8E5E-3A2642078CE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "C4067F47-07AE-49FD-ABF4-33639E1F82E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "F6982962-AF0F-4FBD-BEFE-684D82155DFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB916FFE-72D0-4952-A253-6AE469A390F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "688FC4B8-B09F-4F7D-98A5-B58127112588", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F6A45E1-EC36-4E80-8893-8BE16E8FBBD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CA3BB08E-6D8E-4E38-8899-B464D49FCC6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D9FEE2BB-48F2-41D5-BB15-C8A999406416", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "6A486DBC-85B8-4FEA-A353-EB31BEE48FED", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "AF65E521-43E8-4264-8871-59DA99ECF989", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "DBAA10E4-CDBA-4FD5-8651-F7598FA77129", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "33CBE52A-ACEA-4111-B3E6-AB1336F171B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C3AF7654-E0E0-48EC-91BA-806F79391472", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "760B1D50-D216-4931-ACE0-1A1F4C317988", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "0CE0548B-A35B-431E-B42B-84CAB8E4EC1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "CB61B69A-66B9-4C5C-A16B-1C3F9EEB15DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "5A65BF1E-61C7-4600-A1D0-D41D16A136A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4673260C-72A4-4E1F-8762-94A511828701", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "AEF5E7B9-08F9-40C4-BD4C-F540777BADCE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "64830A8B-3066-4128-B66B-72EE83B3AEDC", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "E92C560A-8541-4E13-8605-D9821E2F2BD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "922C630F-B3AE-4FB6-BE62-02D86E71ADF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "D07ED7E1-44B4-48A1-82B2-8E293E0AB65F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C35E695A-D051-49C0-8CED-1BF8BBE1DA81", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6BDED28-1792-4B00-816A-F25AA3B63C3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "EFF363EE-4C2C-46C5-91A0-41BEC3C35B5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0FF4CF6E-0DAC-4F8F-8C26-00261B2A5A86", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "81E2112D-E069-43DF-AC97-413833190790", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "18B789B0-EA7B-4374-BC57-6889B6734715", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "EFCB4FBC-DE26-4DFE-BC54-D4D9FBD4A968", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "469C4EF8-269F-4720-A795-EFBD4E416E98", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F5D42F6-7503-4CDE-88D0-CD864B4DDBEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "FAFAE329-FED7-4605-9412-0EC179052DAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "7F299E7B-91F8-43DA-816A-B57D39578A9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "72D1457F-B1BD-4F6C-AA9E-25E2C5A6CA5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "5C83BD72-FF91-459C-AB43-535ECF32F356", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D4BC3D75-F2D8-4F07-994D-68F6D1BCFA1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "C91E7FF3-72B0-4259-8251-57E4C8EDA96E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4B8CB5D-0C8C-48C2-AC35-8892345FC15D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "53EE9E64-AD8E-4977-A4A5-4844F1754A77", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "E20C7FBF-A9D5-42B0-A158-A96350F04DB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "E011E781-BC0D-4F82-990B-D6C3D9399D38", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "87334357-BC8E-4D84-80EC-DC4F5875BB76", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "44BC2156-5E22-4E91-ACFE-5FED3E243202", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E7A207B2-EF39-4B7D-A5CA-7888104A048C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "3BFDA2F2-1C4A-4F88-9064-C1B2BED96A86", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6359E2E1-D5E3-447D-AED4-8ECACF519744", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A36FA3C-15AE-451E-8501-EC16BC724B73", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "FEFE7414-9B96-4F1D-91C5-CC696EAB9453", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAF94D01-0957-4813-B7AE-83203C641375", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "EF0A4102-E5EB-4506-8885-1ED8E4E40D71", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "8B5C825F-7EEF-41B7-96BF-0422F8362321", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "03DBF23C-CFDC-4B45-85A6-308FC2B3B6D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "EA8D9B75-C502-41DF-9BF4-443431B1EC7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0A0BE7-DC7B-4F26-8E76-C91D32B16A39", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "43977908-CF0D-4506-B79D-CB6BBB103202", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "B10A7BBC-ACEF-4688-BC82-8A2A3DA2495C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mediaelementjs:mediaelement.js:2.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "B6CC7114-7EAF-4328-8026-11A7C988E379", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "56D46962-C2C4-4468-9DB0-15AFF4FE8032", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E8577131-CCE2-4B98-8763-8F99E267BD5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "79A6F6FF-7E31-4337-93E0-ED05D3D698D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C21E9F9A-5734-4819-8845-E82ADC29ABD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "D57EBB84-E1B2-44F4-BD7B-8D4A79A2E2D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "2E90708D-CA85-4034-ADA7-72522812CEF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "FA2C4F18-4056-4ED3-B1E7-C945849FE97C", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "DE1FA818-0C13-4F41-9AF8-F31B035491F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "F48864EB-2863-4C12-8F3B-DC90C29F6719", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:4.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "CACD6812-4C89-46C9-B483-96829102157F", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D89BE316-CE49-49CB-85FB-B93C86E07276", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BD902884-4F28-4AF6-A8D7-A6CD15048B0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B18395A6-B385-4ADB-9278-5F59FF339F1F", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "94834DA8-247E-4A53-A95A-708AF7F9AC4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:owncloud:owncloud_server:5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "35203A98-76CE-4475-9C4A-60E6A1990B8A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to inject arbitrary web script or HTML via the file parameter."}, {"lang": "es", "value": "Vulnerabilidad de XSS en flashmediaelement.swf en MediaElement.js anterior a 2.11.2, utilizado en OwnCloud Server 5.0.x anterior a 5.0.5 y 4.5.x anterior a 4.5.10, permite a atacantes remotos inyectar script Web o HTML arbitrario a trav\u00e9s del par\u00e1metro file."}], "id": "CVE-2013-1967", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2014-02-05T15:10:05.017", "references": [{"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-017"}, {"source": "secalert@redhat.com", "url": "http://seclists.org/oss-sec/2013/q2/111"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://seclists.org/oss-sec/2013/q2/133"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/53079"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=955307"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83647"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://github.com/johndyer/mediaelement/commit/9223dc6bfc50251a9a3cba0210e71be80fc38ecd"}, {"source": "secalert@redhat.com", "url": "https://github.com/johndyer/mediaelement/tree/2.11.1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-017"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/oss-sec/2013/q2/111"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://seclists.org/oss-sec/2013/q2/133"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/53079"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=955307"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83647"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://github.com/johndyer/mediaelement/commit/9223dc6bfc50251a9a3cba0210e71be80fc38ecd"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/johndyer/mediaelement/tree/2.11.1"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}