Computer Security
[EN] securityvulns.ru no-pyccku


EMC Documentum crossite scripting
Published:18.11.2013
Source:
SecurityVulns ID:13416
Type:remote
Threat Level:
5/10
Description:Crossite scripting in different modules.
Affected:EMC : Documentum eRoom 7.4
 EMC : Documentum 6.7
CVE:CVE-2013-3286 (Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom before 7.4.4 P11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.)
 CVE-2013-3281 (Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2 P07, Documentum WDK before 6.7 SP2 P07, Documentum Taskspace before 6.7 SP2 P07, Documentum Records Manager before 6.7 SP2 P07, Documentum Web Publisher before 6.5 SP7, Documentum Digital Asset Manager before 6.5 SP6, Documentum Administrator before 6.7 SP2 P07, and Documentum Capital Projects before 1.8 P01 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter in a URL.)
Original documentdocumentEMC, ESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability. (18.11.2013)
 documentEMC, ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities. (18.11.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod