Lucene search

K

6 matches found

CVE
CVE
added 2013/11/06 3:55 p.m.48 views

CVE-2013-3281

Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2 P07, Documentum WDK before 6.7 SP2 P07, Documentum Taskspace before 6.7 SP2 P07, Documentum Records Manager before 6.7 SP2 P07, Documentum Web Publisher before 6.5 SP7, Documentum Digital Asset Manager before 6.5 SP6, ...

4.3CVSS5.8AI score0.00339EPSS
CVE
CVE
added 2015/01/07 2:59 a.m.41 views

CVE-2014-4636

Cross-site request forgery (CSRF) vulnerability in EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to hijack the authentication of arbitrary users for requests that perform Docbase operations.

6.8CVSS7.4AI score0.00138EPSS
CVE
CVE
added 2015/01/07 2:59 a.m.38 views

CVE-2014-4637

Open redirect vulnerability in EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter.

6.4CVSS7AI score0.00253EPSS
CVE
CVE
added 2015/01/07 2:59 a.m.37 views

CVE-2014-4639

EMC Documentum Web Development Kit (WDK) before 6.8 does not properly generate random numbers for a certain parameter related to Webtop components, which makes it easier for remote attackers to conduct phishing attacks via brute-force attempts to predict the parameter value.

5CVSS6.8AI score0.00347EPSS
CVE
CVE
added 2015/01/07 2:59 a.m.32 views

CVE-2014-4638

EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to conduct frame-injection attacks and obtain sensitive information via unspecified vectors.

5CVSS6.5AI score0.0026EPSS
CVE
CVE
added 2015/01/07 2:59 a.m.30 views

CVE-2014-4635

Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum Web Development Kit (WDK) before 6.8 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00254EPSS