CVE-2016-4567 -- libjs-mediaelement| ID: oval:org.secpod.oval:def:1900497 | Date: (C)2019-03-22 (M)2023-12-20 |
| Class: VULNERABILITY | Family: unix |
Cross-site scripting vulnerability in flash/Flashlibjs-mediaelement.as in libjs-mediaelement.js before 2.21.0, as used in WordPress before 4.5.2, allow sremote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by"jsinitfunctio%gn."
| Platform: |
| Ubuntu 16.04 |
| Ubuntu 18.10 |
| Ubuntu 18.04 |
| Product: |
| libjs-mediaelement |
