CVE-2016-0881

2016-02-1201:00:00

dell

www.cve.org

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.0%

JSON

EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and obtain sensitive repository information by appending a query to a REST request.

References

seclists.org/bugtraq/2016/Feb/66

www.securitytracker.com/id/1034993