PatchSiren cyber security CVE debrief
CVE-2026-49773 FolioVision CVE debrief
A Subscriber Cross Site Scripting (XSS) vulnerability exists in FV Flowplayer Video Player versions before 7.5.51.7212. The vulnerability has a CVSS score of 6.5 and a severity of MEDIUM. It was published on 2026-06-15T21:17:22.173Z and last modified on 2026-06-15T21:24:32.790Z.
- Vendor
- FolioVision
- Product
- FV Flowplayer Video Player
- CVSS
- MEDIUM 6.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-15
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-15
- Advisory updated
- 2026-06-15
Who should care
Users of FV Flowplayer Video Player versions before 7.5.51.7212 should update to the latest version to mitigate this vulnerability.
Technical summary
The vulnerability is a Cross Site Scripting (XSS) issue in the FV Flowplayer Video Player plugin. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L.
Defensive priority
MEDIUM
Recommended defensive actions
- Update FV Flowplayer Video Player to version 7.5.51.7212 or later.
- Review and apply patches provided by the vendor.
Evidence notes
Evidence of this vulnerability was provided by Patchstack.
Official resources
-
CVE-2026-49773 CVE record
CVE.org
-
CVE-2026-49773 NVD detail
NVD
-
Source item URL
nvd_modified
- Mitigation or vendor reference
CVE-2026-49773 was published on 2026-06-15T21:17:22.173Z and last modified on 2026-06-15T21:24:32.790Z.