CVE-2017-6391
CVE-2017-6391 affects Kaltura server Lynx-12.11.0. The issue arises from insufficient filtration of user-supplied data in the admin_console/web/tools/*.php endpoints (SimpleJWPlayer.php, AkamaiBroadcaster.php, bigRedButton.php, bigRedButtonPtsPoc.php), enabling arbitrary HTML/JavaScript execution...