14 matches found
EUVD-2017-15449
Malware in sbrugna...
EUVD-2017-15448
Malware in sbrugna...
Kaltura server cross-site scripting vulnerability
Kaltura is an open source online video platform. kaltura server is one of the servers. A cross-site scripting vulnerability exists in the Kaltura server Lynx-12.11.0 version, which stems from the program failing to adequately filter user submissions to 'adminconsole/web/tools/SimpleJWPlayer.php',...
Kaltura server cross-site scripting vulnerability (CNVD-2017-02387)
Kaltura is an open source online video platform. kaltura server is one of the servers. A cross-site scripting vulnerability exists in Kaltura server Lynx-12.11.0 and earlier versions, which stems from the program failing to adequately filter user submissions to the...
Kaltura Server <= 12.11.0 Multiple XSS Vulnerabilities
Kaltura Server is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-6392
An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "server-Lynx-12.11.0/adminconsole/web/tools/XmlJWPlayer.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the contex...
CVE-2017-6391
An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "adminconsole/web/tools/SimpleJWPlayer.php" URL, the "adminconsole/web/tools/AkamaiBroadcaster.php" URL, the "adminconsole/web/tools/bigRedButton.php...
CVE-2017-6392
An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "server-Lynx-12.11.0/adminconsole/web/tools/XmlJWPlayer.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the contex...
CVE-2017-6391
An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "adminconsole/web/tools/SimpleJWPlayer.php" URL, the "adminconsole/web/tools/AkamaiBroadcaster.php" URL, the "adminconsole/web/tools/bigRedButton.php...
Authorization
An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "server-Lynx-12.11.0/adminconsole/web/tools/XmlJWPlayer.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the contex...
Authorization
An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "adminconsole/web/tools/SimpleJWPlayer.php" URL, the "adminconsole/web/tools/AkamaiBroadcaster.php" URL, the "adminconsole/web/tools/bigRedButton.php...
CVE-2017-6392
An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "server-Lynx-12.11.0/adminconsole/web/tools/XmlJWPlayer.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the contex...
CVE-2017-6391
An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "adminconsole/web/tools/SimpleJWPlayer.php" URL, the "adminconsole/web/tools/AkamaiBroadcaster.php" URL, the "adminconsole/web/tools/bigRedButton.php...
CVE-2017-6392
Kaltura Server Lynx-12.11.0 and earlier are affected by CVE-2017-6392 due to insufficient filtration of user-supplied data passed to the XmlJWPlayer.php URL, enabling arbitrary HTML/script execution in a browser (XSS). OpenVAS CNVD entries corroborate multiple XSS issues for Lynx-12.11.0 and earl...