VYPR

Documentum Webtop

by Opentext

CVEs (7)

  • CVE-2017-14527HigSep 28, 2017
    risk 0.57cvss 8.8epss 0.01

    Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a…

  • CVE-2017-14526HigSep 28, 2017
    risk 0.57cvss 8.8epss 0.01

    Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Administrator 7.2.0180.0055 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user…

  • CVE-2017-14525MedSep 28, 2017
    risk 0.40cvss 6.1epss 0.01

    Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded…

  • CVE-2017-14524MedSep 28, 2017
    risk 0.40cvss 6.1epss 0.03

    Multiple open redirect vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded…

  • CVE-2018-7660MedApr 11, 2018
    risk 0.35cvss 5.4epss 0.01

    In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Reflected Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via the servlet/Download _docbase or _username parameter.

  • CVE-2018-7659MedApr 11, 2018
    risk 0.35cvss 5.4epss 0.01

    In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Stored Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via a filename of an uploaded image file.

  • CVE-2019-7416Mar 17, 2019
    risk 0.00cvss epss 0.02

    XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable.