CVE-2017-14756
OpenText Document Sciences xPression, v4.5SP1 Patch 13 (and older) is affected by CVE-2017-14756: a Cross-Site Scripting vulnerability in /xAdmin/html/Deployment (cat_id) that can inject JavaScript reflected to users. Exploitation requires user interaction and can be triggered remotely via crafte...