packetstorm | Mariusz Woloszyn | PACKETSTORM:144394
Sep 29, 2017 - 12:00 a.m.

OpenText Document Sciences xPression 4.5SP1 Patch 13 SQL Injection

2017-09-29 00:00:00
Mariusz Woloszyn
packetstormsecurity.com

EPSS: 0.002 (percentile: 55.6%)

`Title: OpenText Document Sciences xPression (formerly EMC Document  
Sciences xPression) - SQL Injection  
Author: Marcin Woloszyn  
Date: 27. September 2017  
CVE: CVE-2017-14757  
  
Affected Software:  
==================  
OpenText Document Sciences xPression (formerly EMC Document Sciences xPression)  
  
Exploit was tested on:  
======================  
v4.5SP1 Patch 13 (older versions might be affected as well)  
  
SQL Injection:  
==============  
  
Because the application does not use prepared statements, it is prone  
to SQL injection attacks.  
An attacker can retrieve data from the application database by  
exploiting the issue.  
  
Vector :  
--------  
  
https://[...]/xAdmin/html/cm_doclist_view_uc.jsp?cat_id=503&documentId=185365177756%20and%201=1&documentType=xDesignPublish&documentName=ContractRealEstate  
  
^ (marks the documentId parameter, where the injected condition is appended)  
Results can be retrieved using a blind SQL injection method.  
  
Fix:  
====  
https://knowledge.opentext.com/knowledge/llisapi.dll/Open/68982774  
  
Contact:  
========  
mw[at]nme[dot]pl  
  
  
`
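
The root cause named in the advisory (no prepared statements) is shown below as an added example; it is not code from the advisory or from OpenText. It runs the advisory's documentId value through a concatenated query and through a bound-parameter query. The SQLite table, its column names and the host name are assumptions, since the product's real query and schema are not given on this page.

```python
import re
import sqlite3
from urllib.parse import parse_qs, urlsplit

# Constructed request: path and parameters follow the advisory's vector; the host is a placeholder.
URL = (
    "https://xpression.example/xAdmin/html/cm_doclist_view_uc.jsp"
    "?cat_id=503&documentId=185365177756%20and%201=1"
    "&documentType=xDesignPublish&documentName=ContractRealEstate")


def make_db():
    """In-memory stand-in for the application database (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE documents (id INTEGER PRIMARY KEY, name TEXT)")
    db.execute("INSERT INTO documents VALUES (185365177756, 'ContractRealEstate')")
    return db


def document_id(url):
    """Return the URL-decoded documentId parameter of a request URL."""
    return parse_qs(urlsplit(url).query)["documentId"][0]


def lookup_concatenated(db, doc_id):
    """Vulnerable pattern: the parameter becomes part of the SQL text."""
    sql = "SELECT name FROM documents WHERE id = " + doc_id
    return db.execute(sql).fetchall()


def lookup_prepared(db, doc_id):
    """Fixed pattern: the parameter is bound as data and never parsed as SQL."""
    sql = "SELECT name FROM documents WHERE id = ?"
    return db.execute(sql, (doc_id,)).fetchall()


def lookup_validated(db, doc_id):
    """Defense in depth: reject non-numeric ids before the bound query runs."""
    if not re.fullmatch(r"[0-9]{1,18}", doc_id):
        raise ValueError("documentId must be numeric")
    return lookup_prepared(db, int(doc_id))


if __name__ == "__main__":
    db = make_db()
    value = document_id(URL)
    print("concatenated:", lookup_concatenated(db, value))
    print("prepared:    ", lookup_prepared(db, value))
```

With concatenation the appended condition is evaluated by the database, which is what makes the blind technique possible; with a bound parameter the whole string is compared as a value and matches nothing.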
