VideoJS Cross Site Scripting and Denial of Service Vulnerabilities

VideoJS is prone to a cross-site scripting vulnerability and a denial-of-service vulnerability.

An attacker may leverage these issues to cause a denial-of-service condition or to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Successfully exploiting the cross-site scripting issue may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.


 

Privacy Statement
Copyright 2010, SecurityFocus