5 matches found
CVE-2013-3281
The CVE-2013-3281 entry describes a cross-site scripting (XSS) vulnerability in EMC Documentum products (Webtop, WDK, Taskspace, Records Manager, Web Publisher, Digital Asset Manager, Administrator, Capital Projects) prior to the stated SP versions. The flaw allows remote attackers to inject arbi...
CVE-2016-8213
CVE-2016-8213 affects EMC Documentum products: WebTop 6.8 (before P18) and 6.8.1 (before P06); TaskSpace 6.7SP3 (before P02); Capital Projects 1.9 (before P30) and 1.10 (before P17); and Administrator 7.0, 7.1, and 7.2 (before P18). The vulnerability is a Stored Cross-Site Scripting (XSS) issue t...
CVE-2014-2518
EMC Documentum CSRF vulnerabilities (CVE-2014-2518) affect WebTop, Administrator, WDK, Task Space, Records Manager, Web Publisher and Digital Asset Manager across multiple versions; exploitation could hijack user sessions by tricking authenticated users. The ESA-2014-073 advisory notes the fix fo...
CVE-2016-0914
EMC Documentum WebTop and related components are affected by CVE-2016-0914. The vulnerability allows remote authenticated users to bypass intended access restrictions and execute arbitrary IAPI/IDQL commands via the IAPI/IDQL interface. Affected products/versions and patches (as described): WebTo...
CVE-2014-2511
CVE-2014-2511 maps to EMC Documentum WebTop multiple XSS vulnerabilities exploitable via startat and entryId parameters. The ESA-2014-059 advisory confirms the issue affects EMC WebTop 6.7 SP1, 6.7 SP2 (and other Documentum/WebTop family products) with fixes in specific patches/versions (e.g., We...