Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player up to and including 5.10.2295 allow remote malicious users to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
longtailvideo jw player |