Lucene search
K
OpentextDocumentum Administrator

4 matches found

CVE
CVE
added 2017/09/27 5:0 p.m.88 views

CVE-2017-14524

OpenText Documentum Administrator 7.2.0180.0055 is vulnerable to multiple open redirect flaws. An attacker can redirect users to malicious sites via (1) the startat parameter in xda/help/en/default.htm or (2) the redirectUrl parameter in xda/component/virtuallinkconnect, enabling phishing or unwa...

6.1CVSS6.3AI score0.0294EPSS
Web
CVE
CVE
added 2017/09/27 5:0 p.m.68 views

CVE-2017-14526

CVE-2017-14526 affects OpenText Documentum Administrator 7.2.0180.0055 with XML External Entity (XXE) vulnerabilities. Remote authenticated users can cause DoS, read arbitrary files, or list directory contents, and on Windows may obtain Documentum user hashes via crafted DTDs or XML in specific t...

8.8CVSS8.3AI score0.01155EPSS
Web
CVE
CVE
added 2017/09/27 5:0 p.m.66 views

CVE-2017-14527

CVE-2017-14527 affects OpenText Documentum Webtop 6.8.0160.0073. The vulnerability is an XML External Entity (XXE) injection in Webtop, triggered by crafted XML—specifically in a DTD within a request to xda/com/documentum/ucf/server/transport/impl/GAIRConnector or via a crafted XML file in a Medi...

8.8CVSS8.3AI score0.01376EPSS
Web
CVE
CVE
added 2017/09/27 5:0 p.m.61 views

CVE-2017-14525

CVE-2017-14525 concerns OpenText Documentum Webtop 6.8.0160.0073 with open redirect vulnerabilities. The issue allows remote attackers to redirect users to arbitrary sites via (1) the startat parameter in xda/help/en/default.htm or (2) a slash-encoded sequence followed by a domain in the redirect...

6.1CVSS6.3AI score0.00825EPSS
Web