1 results (0.002 seconds)

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

Cross Site Scripting vulnerabiltiy in eZ Systems AS eZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to execute arbitrary code via the video-js.swf. • https://ezplatform.com/security-advisories/ezsa-2020-003-xss-in-demobundle-ezdemo-bundled-videojs • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •