In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Reflected Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via the servlet/Download _docbase or _username parameter.
References
| Link | Resource |
|---|---|
| https://vipinxsec.blogspot.com/2018/04/reflected-xss-in-documentum-d2.html | Exploit Third Party Advisory |
| https://vipinxsec.blogspot.com/2018/04/reflected-xss-in-documentum-d2.html | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 04:12
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://vipinxsec.blogspot.com/2018/04/reflected-xss-in-documentum-d2.html - Exploit, Third Party Advisory |
Information
Published : 2018-04-11 06:29
Updated : 2024-11-21 04:12
NVD link : CVE-2018-7660
Mitre link : CVE-2018-7660
CVE.ORG link : CVE-2018-7660
JSON object : View
Products Affected
opentext
- documentum_d2
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')