Candidate: CVE-2013-7343
PublicDate: 2014-03-24 14:20:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7343
 https://github.com/flowplayer/flowplayer/commit/27e8f178276c185cbddb4f14c91d4ce7b3865db1
 https://github.com/flowplayer/flowplayer/issues/381
Description:
 Cross-site scripting (XSS) vulnerability in flowplayer.swf in the Flash
 fallback feature in Flowplayer HTML5 5.4.3 allows remote attackers to
 inject arbitrary web script or HTML by using URL encoding within the
 callback parameter name.  NOTE: this vulnerability exists because of an
 incomplete fix for CVE-2013-7342.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_moodle:
upstream_moodle: released (2.5.5)
lucid_moodle: ignored (reached end-of-life)
precise_moodle: ignored (reached end-of-life)
precise/esm_moodle: DNE (precise was needs-triage)
quantal_moodle: ignored (reached end-of-life)
saucy_moodle: ignored (reached end-of-life)
trusty_moodle: ignored (reached end-of-life)
trusty/esm_moodle: DNE (trusty was needed)
utopic_moodle: ignored (reached end-of-life)
vivid_moodle: ignored (reached end-of-life)
vivid/stable-phone-overlay_moodle: DNE
vivid/ubuntu-core_moodle: DNE
wily_moodle: ignored (reached end-of-life)
xenial_moodle: ignored (end of standard support, was needed)
yakkety_moodle: ignored (reached end-of-life)
zesty_moodle: ignored (reached end-of-life)
artful_moodle: ignored (reached end-of-life)
bionic_moodle: needed
cosmic_moodle: ignored (reached end-of-life)
disco_moodle: ignored (reached end-of-life)
eoan_moodle: ignored (reached end-of-life)
focal_moodle: DNE
groovy_moodle: DNE
hirsute_moodle: DNE
impish_moodle: DNE
jammy_moodle: DNE
devel_moodle: DNE