CVE-2013-0939

EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting"...

CVE-2019-7416

XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable...

CVE-2019-7416

XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable...

CVE-2019-7416

CVE-2019-7416 affects OpenText Documentum Webtop 5.3 SP2. The vulnerability is in the startat parameter of /webtop/help/en/default.htm, enabling XSS and/or a Client-Side URL Redirect. Public documentation notes this issue and a PoC is referenced in PacketStorm for Webtop 5.3 SP2. CVSS details fro...

OpenText Documentum Webtop 5.3 SP2 Open Redirect

...

OpenText Documentum D2 Webtop Cross-Site Scripting Vulnerability (CNVD-2018-07985)

OpenText Documentum D2 Webtop is a set of enterprise-class content management system from OpenText Canada. The system manages the entire information lifecycle through the creation, modification, tracking and other functions, which includes a number of extensions, such as Documentum Web Publisher...

CVE-2017-14525

Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a 1 URL in the startat parameter to xda/help/en/default.htm or 2 /%09/ slash encoded horizontal tab slash followed by...

CVE-2017-14527

Multiple XML external entity XXE vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a 1 crafted DTD,...

CVE-2017-14525

Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a 1 URL in the startat parameter to xda/help/en/default.htm or 2 /%09/ slash encoded horizontal tab slash followed by...

Open redirect

Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a 1 URL in the startat parameter to xda/help/en/default.htm or 2 /%09/ slash encoded horizontal tab slash followed by...

CVE-2017-14527

CVE-2017-14527 affects OpenText Documentum Webtop 6.8.0160.0073. The vulnerability is an XML External Entity (XXE) injection in Webtop, triggered by crafted XML—specifically in a DTD within a request to xda/com/documentum/ucf/server/transport/impl/GAIRConnector or via a crafted XML file in a Medi...

CVE-2017-14525

CVE-2017-14525 concerns OpenText Documentum Webtop 6.8.0160.0073 with open redirect vulnerabilities. The issue allows remote attackers to redirect users to arbitrary sites via (1) the startat parameter in xda/help/en/default.htm or (2) a slash-encoded sequence followed by a domain in the redirect...

CVE-2016-8213

EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, prior to P06; and EMC Documentum TaskSpace version 6.7SP3, prior to P02; and EMC Documentum Capital Projects Version 1.9, prior to P30 and Version 1.10, prior to P17; and EMC Documentum Administrator Version 7.0, Version 7.1, and...

CVE-2016-8213

EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, prior to P06; and EMC Documentum TaskSpace version 6.7SP3, prior to P02; and EMC Documentum Capital Projects Version 1.9, prior to P30 and Version 1.10, prior to P17; and EMC Documentum Administrator Version 7.0, Version 7.1, and...

HTML Injection Vulnerability in Multiple EMC Products

EMC Documentum WebTop is a suite of products that allow users to access Documentum repositories and content management services in a standard browser application.Documentum Administrator is a set of Web-based development tools for performing Documentum system administration tasks. Documentum...

Multiple EMC Product Privilege Bypass Vulnerabilities

EMC Documentum WebTop is a suite of products that allow users to access Documentum repositories and content management services in a standard browser application.Documentum Administrator is a set of Web-based development tools for performing Documentum system administration tasks. Documentum...

Cross-Site Request Forgery Vulnerability in Multiple EMC Documentum Products

EMC Documentum WebTop is a suite of products that allow users to access Documentum repositories and content management services in a standard browser application.Documentum Administrator is a Web-based development tool used to perform Documentum system management tasks. Documentum Administrator i...

EMC Documentum WebTop Open Redirect Vulnerability

EMC Documentum WebTop is a document management service. An open redirection vulnerability exists in the EMC Documentum WebTop WEB interface, which allows an attacker to construct a malicious URI, trick the user into parsing it, and redirect the user to an arbitrary WEB site for phishing attacks...

CVE-2015-0551

Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before...

CVE-2014-2511

Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the 1 startat or 2 entryId parameter...