CVE-2021-23414

Summary

This affects the package video.js before 7.14.3. The src attribute of track tag allows to bypass HTML escaping and execute arbitrary code.

Affected Software

VendorProductVersion RangeStatus
n/avideo.jsunspecified < 7.14.3affected

Weaknesses

  • Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References