AI Score
Confidence
High
EPSS
Percentile
65.9%
Cross-site scripting (XSS) vulnerability in Livelink ECM 9.0.0 through 9.7.0 and possibly earlier does not set the charset, which allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input.
lists.grok.org.uk/pipermail/full-disclosure/2008-January/059985.html
secunia.com/advisories/28723
withdk.com/archives/livelink-utf7-xss-advisory.pdf
www.securityfocus.com/bid/27537
exchange.xforce.ibmcloud.com/vulnerabilities/40123