Filtered by vendor Opentext
Subscribe
Total
97 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-3010 | 1 Opentext | 1 Content Server | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| There are multiple persistent cross-site scripting (XSS) vulnerabilities in the web interface of OpenText Content Server Version 20.3. The application allows a remote attacker to introduce arbitrary JavaScript by crafting malicious form values that are later not sanitized. | |||||
| CVE-2018-20165 | 1 Opentext | 1 Opentext Portal | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in OpenText Portal 7.4.4 allows remote attackers to inject arbitrary web script or HTML via the vgnextoid parameter to a menuitem URI. | |||||
| CVE-2019-12270 | 2 Microsoft, Opentext | 2 Windows, Brava\! | 2024-02-28 | 6.8 MEDIUM | 7.4 HIGH |
| OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. During installation, a displaylistcache file share is created on the Windows server with full read and write permissions for the Everyone group at both the NTFS and Share levels. The share is used to retrieve documents for processing, and to store processed documents for display in the browser. The only required share level access is read/write by the JobProcessor service account. At the local filesystem level, the only additional required permissions would be read/write from the servlet engine, such as Tomcat. (The affected server components are not installed with Content Server by default, and must be installed separately.) NOTE: the vendor's position is that customers are not supposed to use this default setting without consulting the documentation. | |||||
| CVE-2019-7416 | 1 Opentext | 1 Documentum Webtop | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable. | |||||
| CVE-2018-7659 | 1 Opentext | 1 Documentum D2 | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Stored Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via a filename of an uploaded image file. | |||||
| CVE-2018-7660 | 1 Opentext | 1 Documentum D2 | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Reflected Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via the servlet/Download _docbase or _username parameter. | |||||
| CVE-2017-14524 | 1 Opentext | 2 Documentum Administrator, Documentum Webtop | 2024-02-28 | 5.8 MEDIUM | 6.1 MEDIUM |
| Multiple open redirect vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by a domain in the redirectUrl parameter to xda/component/virtuallinkconnect. | |||||
| CVE-2017-14526 | 1 Opentext | 2 Documentum Administrator, Documentum Webtop | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Administrator 7.2.0180.0055 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a (1) crafted DTD, involving unspecified XML structures in a request to xda/com/documentum/ucf/server/transport/impl/GAIRConnector or crafted XML file in a MediaProfile file (2) import or (3) check in. | |||||
| CVE-2017-14756 | 1 Opentext | 1 Document Sciences Xpression | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Cross-Site Scripting: /xAdmin/html/Deployment (cat_id). | |||||
| CVE-2017-14960 | 1 Opentext | 1 Document Sciences Xpression | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 has SQL Injection. | |||||
| CVE-2017-14755 | 1 Opentext | 1 Document Sciences Xpression | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Cross-Site Scripting: /xAdmin/html/XPressoDoc, parameter: categoryId. | |||||
| CVE-2017-15276 | 1 Opentext | 1 Documentum Content Server | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpacking TAR archives, Content Server fails to verify the contents of an archive, which causes a path traversal vulnerability via symlinks. Because some files on the Content Server filesystem are security-sensitive, this leads to privilege escalation. | |||||
| CVE-2017-14527 | 1 Opentext | 2 Documentum Administrator, Documentum Webtop | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a (1) crafted DTD, involving unspecified XML structures in a request to xda/com/documentum/ucf/server/transport/impl/GAIRConnector or crafted XML file in a MediaProfile file (2) import or (3) check in. | |||||
| CVE-2017-15013 | 1 Opentext | 1 Documentum Content Server | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmr_content objects, which are queryable and "editable" (before release 7.2P02, any authenticated user was able to edit dmr_content objects; now any authenticated user may delete a dmr_content object and then create a new one with the old identifier) by authenticated users; this allows any authenticated user to replace the content of security-sensitive dmr_content objects (for example, dmr_content related to dm_method objects) and gain superuser privileges. | |||||
| CVE-2017-14758 | 1 Opentext | 1 Document Sciences Xpression | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to SQL Injection: /xAdmin/html/cm_doclist_view_uc.jsp, parameter: documentId. In order for this vulnerability to be exploited, an attacker must authenticate to the application first. | |||||
| CVE-2017-15014 | 1 Opentext | 1 Documentum Content Server | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows authenticated users to download arbitrary content files regardless of the attacker's repository permissions: When an authenticated user uploads content to the repository, he performs the following steps: (1) calls the START_PUSH RPC-command; (2) uploads the file to the content server; (3) calls the END_PUSH_V2 RPC-command (here, Content Server returns a DATA_TICKET integer, intended to identify the location of the uploaded file on the Content Server filesystem); (4) creates a dmr_content object in the repository, which has a value of data_ticket equal to the value of DATA_TICKET returned at the end of END_PUSH_V2 call. As the result of this design, any authenticated user may create his own dmr_content object, pointing to already existing content in the Content Server filesystem. | |||||
| CVE-2017-14757 | 1 Opentext | 1 Document Sciences Xpression | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to SQL Injection: /xDashboard/html/jobhistory/downloadSupportFile.action, parameter: jobRunId. In order for this vulnerability to be exploited, an attacker must authenticate to the application first. | |||||
| CVE-2017-14759 | 1 Opentext | 1 Document Sciences Xpression | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to an XML External Entity vulnerability: /xFramework/services/QuickDoc.QuickDocHttpSoap11Endpoint/. An unauthenticated user is able to read directory listings or system files, or cause SSRF or Denial of Service. | |||||
| CVE-2017-14754 | 1 Opentext | 1 Document Sciences Xpression | 2024-02-28 | 6.8 MEDIUM | 6.5 MEDIUM |
| OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Arbitrary File Read: /xAdmin/html/cm_datasource_group_xsd.jsp, parameter: xsd_datasource_schema_file filename. In order for this vulnerability to be exploited, an attacker must authenticate to the application first. | |||||
| CVE-2017-15012 | 1 Opentext | 1 Documentum Content Server | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 does not properly validate the input of the PUT_FILE RPC-command, which allows any authenticated user to hijack an arbitrary file from the Content Server filesystem; because some files on the Content Server filesystem are security-sensitive, this leads to privilege escalation. | |||||