HTTP: LongTail Video JW Player XSS attempt detected
This signature detects attempts to exploit a known vulnerability against LongTail Video JW Player. Attackers can inject cross-site scripting commands and take control of other user browsers.
Extended Description
Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript.
Affected Products
Longtailvideo jw_player
Short Name
HTTP:LONGTAIL-JW-XSS
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2012-3351 JW LongTail Player Video XSS attempt bid:54101 detected
Release Date
08/23/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Longtailvideo
CVSS Score
4.3