Lucene search
K
EmcDocumentum Wdk

10 matches found

CVE
CVE
added 2013/11/06 11:0 a.m.59 views

CVE-2013-3281

The CVE-2013-3281 entry describes a cross-site scripting (XSS) vulnerability in EMC Documentum products (Webtop, WDK, Taskspace, Records Manager, Web Publisher, Digital Asset Manager, Administrator, Capital Projects) prior to the stated SP versions. The flaw allows remote attackers to inject arbi...

4.3CVSS5.8AI score0.01001EPSS
CVE
CVE
added 2013/05/10 10:0 a.m.58 views

CVE-2013-0937

CVE-2013-0937 is a session-fixation vulnerability affecting EMC Documentum Webtop, WDK, Taskspace, and Records Manager up to version 6.7 SP2. The entry describes that remote attackers could hijack an authenticated session via unspecified vectors. Affected components include Webtop, WDK, Taskspace...

5.8CVSS6.8AI score0.0109EPSS
CVE
CVE
added 2013/05/10 10:0 a.m.57 views

CVE-2013-0938

CVE-2013-0938 describes a cross-site scripting (XSS) vulnerability in EMC Documentum products prior to 6.7 SP2. Affected components include Webtop, WDK, Taskspace, and Records Manager before 6.7 SP2. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors,...

4.3CVSS5.8AI score0.00942EPSS
CVE
CVE
added 2014/08/20 10:0 a.m.54 views

CVE-2014-2518

EMC Documentum CSRF vulnerabilities (CVE-2014-2518) affect WebTop, Administrator, WDK, Task Space, Records Manager, Web Publisher and Digital Asset Manager across multiple versions; exploitation could hijack user sessions by tricking authenticated users. The ESA-2014-073 advisory notes the fix fo...

6.8CVSS7.2AI score0.00984EPSS
CVE
CVE
added 2013/05/10 10:0 a.m.53 views

CVE-2013-0939

EMC Documentum CVE-2013-0939 affects Webtop, WDK, Taskspace, and Records Manager prior to 6.7 SP2. The issue is a Cross Frame Scripting vulnerability allowing remote attackers to obtain sensitive information via cross-origin frame navigation. Affected products include Webtop, WDK, Taskspace, and ...

5.8CVSS6.3AI score0.01057EPSS
CVE
CVE
added 2015/01/07 2:0 a.m.52 views

CVE-2014-4636

EMC Documentum Web Development Kit (WDK) prior to version 6.8 is affected by a Cross-Site Request Forgery (CSRF) vulnerability (CVE-2014-4636). The issue allows an attacker to trick authenticated users into performing Docbase operations with their privileges by visiting a malicious link or page, ...

6.8CVSS7.4AI score0.01098EPSS
CVE
CVE
added 2015/01/07 2:0 a.m.51 views

CVE-2014-4639

CVE-2014-4639 affects EMC Documentum Web Development Kit (WDK) before 6.8. The issue is insufficient randomness in a Webtop component parameter, enabling remote attackers to predict the parameter and carry out phishing via brute-force attempts. The ESA-2014-180 advisory lists this under multiple ...

5CVSS6.8AI score0.02221EPSS
CVE
CVE
added 2015/01/07 2:0 a.m.48 views

CVE-2014-4635

EMC Documentum Web Development Kit (WDK) before 6.8 contains multiple Cross-Site Scripting (XSS) vulnerabilities (CVE-2014-4635). The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, potentially impacting users in the context of authenticated sessions....

4.3CVSS5.8AI score0.01915EPSS
CVE
CVE
added 2015/01/07 2:0 a.m.47 views

CVE-2014-4637

EMC Documentum Web Development Kit (WDK) prior to version 6.8 contains a URL Redirection vulnerability (CVE-2014-4637). The issue arises from an unvalidated parameter allowing a remote attacker to redirect users to arbitrary sites, enabling phishing-like redirects. ESA-2014-180 summarizes related...

6.4CVSS7AI score0.02297EPSS
CVE
CVE
added 2015/01/07 2:0 a.m.43 views

CVE-2014-4638

EMC Documentum Web Development Kit (WDK) prior to version 6.8 contains a frame-injection vulnerability (CVE-2014-4638). The issue can allow remote attackers to induce the user to load an attacker-controlled page in a frame and potentially harvest sensitive information, with the documented base CV...

5CVSS6.5AI score0.02314EPSS