6.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
35.0%
EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and obtain sensitive repository information by appending a query to a REST request.
seclists.org/bugtraq/2016/Feb/66
www.securitytracker.com/id/1034993