Moderate severityNVD Advisory· Published Mar 24, 2014· Updated Jun 17, 2026
CVE-2013-7341
CVE-2013-7341
Description
Multiple cross-site scripting (XSS) vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by (1) providing a crafted playerId or (2) referencing an external domain, a related issue to CVE-2013-7342.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | < 2.4.9 | 2.4.9 |
moodle/moodlePackagist | >= 2.5.0, < 2.5.5 | 2.5.5 |
moodle/moodlePackagist | >= 2.6.0, < 2.6.2 | 2.6.2 |
typo3/cmsPackagist | >= 6.2.0, < 6.2.14 | 6.2.14 |
typo3/cmsPackagist | >= 7.0.0, < 7.3.1 | 7.3.1 |
Affected products
93cpe:2.3:a:flowplayer:flowplayer_flash:*:*:*:*:*:*:*:*+ 29 more
- cpe:2.3:a:flowplayer:flowplayer_flash:*:*:*:*:*:*:*:*range: <=3.2.16
- cpe:2.3:a:flowplayer:flowplayer_flash:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.14:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.15:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:flowplayer:flowplayer_flash:3.2.9:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*+ 60 more
- cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*range: <=2.3.11
- cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.3.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.6.1:*:*:*:*:*:*:*
- ghsa-coords2 versions
< 2.4.9+ 1 more
- (no CPE)range: < 2.4.9
- (no CPE)range: >= 6.2.0, < 6.2.14
Patches
Vulnerability mechanics
References
12- github.com/advisories/GHSA-j6c3-3c4w-qv8pghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2013-7341ghsaADVISORY
- flash.flowplayer.org/documentation/version-history.htmlnvdWEB
- openwall.com/lists/oss-security/2014/03/17/1nvdWEB
- github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2013-7341.yamlghsaWEB
- github.com/flowplayer/flash/issues/121nvdWEB
- github.com/moodle/moodle/commit/98d135fea3006334093efa822205d4b2c3fd8ff9ghsaWEB
- github.com/moodle/moodle/commit/9f2967e301d123d11625f3b6948e1ee538086791ghsaWEB
- github.com/moodle/moodle/commit/c3cd5e1db9de4f1a634492d99990534e30518066ghsaWEB
- github.com/moodle/moodle/commit/d65634044ebaa738f55bdec521beb42844d6916aghsaWEB
- moodle.org/mod/forum/discuss.phpnvdWEB
- typo3.org/security/advisory/typo3-core-sa-2015-007ghsaWEB
News mentions
0No linked articles in our index yet.