CVE-2016-4567 -- libjs-mediaelementID: oval:org.secpod.oval:def:1900497 | Date: (C)2019-03-22 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
Cross-site scripting vulnerability in flash/Flashlibjs-mediaelement.as in libjs-mediaelement.js before 2.21.0, as used in WordPress before 4.5.2, allow sremote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by"jsinitfunctio%gn."
Platform: |
Ubuntu 16.04 |
Ubuntu 18.10 |
Ubuntu 18.04 |
Product: |
libjs-mediaelement |