Kaltura Kaltura Server — known CVE vulnerabilities
Every CVE whose affected-product data names Kaltura Kaltura Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2017-14143 — CVSS 9.8 (critical): The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcoded cookie secret to validate cookie signatures, which allows remote…
CVE-2017-14141 — CVSS 7.2 (high): The wiki_decode Developer System Helper function in the admin panel in Kaltura before 13.2.0 allows remote attackers to conduct PHP object…
CVE-2017-14142 — CVSS 6.1 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Kaltura before 13.2.0 allow remote attackers to inject arbitrary web script or HTML…
CVE-2017-6391 — CVSS 6.1 (medium): An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data…
CVE-2017-6392 — CVSS 6.1 (medium): An issue was discovered in Kaltura server Lynx-12.11.0. The vulnerability exists due to insufficient filtration of user-supplied data…