CVE-2014-0335
Serena Dimensions CM 12.2 Build 7.199.0 web client contains multiple cross-site scripting vulnerabilities (CWE-79). Exploitable via unauthenticated vectors in parameters such as DB_CONN, DB_NAME, DM_HOST, MAN_DB_NAME, framecmd, identifier, merant.adm.adapters.AdmDialogPropertyMgr, nav_frame, nav_...