Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Kaltura before 13.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 partnerId or 2 playerVersion parameter to server/adminconsole/web/tools/bigRedButton.php; the 3 partnerId, 4 playerVersion, 5 secret, 6 entryId, 7...