CVE-2018-0642

NONE EPSS 59.9%
Published Sep 7, 20187y ago · Modified Jun 17, 20262w ago
Find Similar
Published Sep 7, 2018 7y ago
Last Modified Jun 17, 2026 2w ago

Description

Cross-site scripting vulnerability in FV Flowplayer Video Player 6.1.2 to 6.6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Threat Intelligence

EPSS Exploit Probability
59.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 1

VendorProductVersionRange
foliovisionfv_flowplayer_video_player*≥6.1.2  –  ≤6.6.4

References 2

  • jvn.jp http://jvn.jp/en/jp/JVN70246549/index.html
    VDB Entry
  • wordpress.org https://wordpress.org/plugins/fv-wordpress-flowplayer/#developers
    Release NotesVendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.