CVE-2016-4567
published 2016-05-22CVE-2016-4567: Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote…
PriorityP429medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
EPSS
6.40%
92.8th percentile
Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| contao-components | mediaelement | >= 2.14.2 < 2.21.1 | 2.21.1 |
| contao | core | >= 3.0.0 < 3.5.15 | 3.5.15 |
| debian | mediaelement | — | — |
| mediaelementjs | mediaelement.js | <= 2.20.1 | — |
| wordpress | wordpress | <= 4.5.1 | — |
CVSS provenance
nvdv3.06.1MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv6.1MEDIUM
vendor_debian6.1LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
MediaElement Vulnerable to Reflected XSS
ghsa·2022-05-17
CVE-2016-4567 [MEDIUM] CWE-79 MediaElement Vulnerable to Reflected XSS
MediaElement Vulnerable to Reflected XSS
Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.swf in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."
OSV
MediaElement Vulnerable to Reflected XSS
osv·2022-05-17
CVE-2016-4567 [MEDIUM] MediaElement Vulnerable to Reflected XSS
MediaElement Vulnerable to Reflected XSS
Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.swf in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."
OSV
CVE-2016-4567: Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement
osv·2016-05-22·CVSS 6.1
CVE-2016-4567 [MEDIUM] CVE-2016-4567: Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement
Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."
Debian
CVE-2016-4567: mediaelement - Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaE...
vendor_debian·2016·CVSS 6.1
CVE-2016-4567 [MEDIUM] CVE-2016-4567: mediaelement - Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaE...
Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
No detection rules found.
No public exploits indexed.
Bugzilla
flashmediaelement.swf XSS in qsurvey.mozilla.com
bugzilla·2016-07-07·CVSS 6.1
[MEDIUM] flashmediaelement.swf XSS in qsurvey.mozilla.com
flashmediaelement.swf XSS in qsurvey.mozilla.com
Please note that I have not verified this vulnerability.
The domain qsurvey.mozilla.com have a CNAME pointer to privatedomain.sgizmo.com. This gives us some intel: only US-based Surveygizmo accounts should point to privatedomain.sgizmo.com, and the account's payment plan has to be a either professional or enterprise.
By requesting http://qsurvey.mozilla.com/ a single redirect it made to http://www.surveygizmo.com/.
This is a strong indication that you either had, or have an inactive account on Surveygizmo. If you don't have an account, then it should be possible for anyone to sign up as a customer, pay $65 for a professional plan, and start serve surveys in the context of qsurvey.mozilla.com. As Surveygizmo allows JavaScript to be embedd
Bugzilla
CVE-2016-4566 CVE-2016-4567 wordpress: 4.5.2 Security Release
bugzilla·2016-05-09·CVSS 6.1
CVE-2016-4566 [MEDIUM] CVE-2016-4566 CVE-2016-4567 wordpress: 4.5.2 Security Release
CVE-2016-4566 CVE-2016-4567 wordpress: 4.5.2 Security Release
WordPress 4.5.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
CVE-2016-4566: WordPress versions 4.5.1 and earlier are affected by a SOME vulnerability through Plupload, the third-party library WordPress uses for uploading files.
Upstream fix:
https://core.trac.wordpress.org/changeset/37382/
CVE-2016-4567: WordPress versions 4.2 through 4.5.1 are vulnerable to reflected XSS using specially crafted URIs through MediaElement.js, the third-party library used for media players.
Upstream fix:
https://core.trac.wordpress.org/changeset/37371/
External references:
https://wordpress.org/news/2016/05/wordpress-4-5-2/
Discussion:
Created word
Bugzilla
CVE-2016-4566 CVE-2016-4567 wordpress: 4.5.2 Security Release [epel-all]
bugzilla·2016-05-09·CVSS 6.1
CVE-2016-4566 [MEDIUM] CVE-2016-4566 CVE-2016-4567 wordpress: 4.5.2 Security Release [epel-all]
CVE-2016-4566 CVE-2016-4567 wordpress: 4.5.2 Security Release [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of
Bugzilla
CVE-2016-4566 CVE-2016-4567 wordpress: 4.5.2 Security Release [fedora-all]
bugzilla·2016-05-09·CVSS 6.1
CVE-2016-4566 [MEDIUM] CVE-2016-4566 CVE-2016-4567 wordpress: 4.5.2 Security Release [fedora-all]
CVE-2016-4566 CVE-2016-4567 wordpress: 4.5.2 Security Release [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fed
http://www.openwall.com/lists/oss-security/2016/05/07/2http://www.securitytracker.com/id/1035818https://codex.wordpress.org/Version_4.5.2https://core.trac.wordpress.org/changeset/37371https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9chttps://github.com/johndyer/mediaelement/blob/master/changelog.mdhttps://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06ehttps://wordpress.org/news/2016/05/wordpress-4-5-2/https://wpvulndb.com/vulnerabilities/8488http://www.openwall.com/lists/oss-security/2016/05/07/2http://www.securitytracker.com/id/1035818https://codex.wordpress.org/Version_4.5.2https://core.trac.wordpress.org/changeset/37371https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9chttps://github.com/johndyer/mediaelement/blob/master/changelog.mdhttps://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06ehttps://wordpress.org/news/2016/05/wordpress-4-5-2/https://wpvulndb.com/vulnerabilities/8488
2016-05-22
Published