3 matches found
Kaltura 13.1.0 Code Execution / Cross Site Scripting Vulnerabilities
Exploit for php platform in category web applications Advisory: Kaltura - Remote Code Execution and Cross-Site Scripting Release Date: 2017/09/12 Author: Robin Verton email protected CVE: CVE-2017-14141, CVE-2017-14142, CVE-2017-14143 Application: Kaltura = 13.1.0 Risk: Critical Vendor Status:...
Kaltura 13.1.0 Code Execution / Cross Site Scripting
Telekom Security security.telekom.com Advisory: Kaltura - Remote Code Execution and Cross-Site Scripting Release Date: 2017/09/12 Author: Robin Verton [email protected] CVE: CVE-2017-14141, CVE-2017-14142, CVE-2017-14143 Application: Kaltura = 13.1.0 Risk: Critical Vendor Status: Kaltura...
CVE-2017-14142
CVE-2017-14142 covers multiple XSS vulnerabilities in Kaltura prior to 13.2.0. The flaws allow remote injection of script/HTML via numerous parameters to admin_console/web/tools/bigRedButton.php, bigRedButtonPtsPoc.php, AkamaiBroadcaster.php, XmlJWPlayer.php, and bigRedButtonPtsPocHlsjs.php, affe...