CVE-2012-2904
LongTail JW Player 5.9 - XSS
Title source: llmDescription
player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting (XSS) attacks to inject arbitrary web script or HTML via multiple "javascript:" sequences in the debug parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by gainover · textwebappsphp
https://www.exploit-db.com/exploits/37205
References (7)
Scores
EPSS
0.0097
EPSS Percentile
76.4%
Classification
CWE
CWE-79
Status
published
Affected Products (2)
longtailvideo/jw_player
n/a/n/a
Timeline
Published
May 21, 2012
Tracked Since
Feb 18, 2026