CVE-2013-3281

EMC Webtop <6.7.2 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2 P07, Documentum WDK before 6.7 SP2 P07, Documentum Taskspace before 6.7 SP2 P07, Documentum Records Manager before 6.7 SP2 P07, Documentum Web Publisher before 6.5 SP7, Documentum Digital Asset Manager before 6.5 SP6, Documentum Administrator before 6.7 SP2 P07, and Documentum Capital Projects before 1.8 P01 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter in a URL.

References (2)

[US Government Resource] http://www.kb.cert.org/vuls/id/466876

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2013-11/0018.html

Scores

EPSS 0.0059

EPSS Percentile 68.8%

Classification

CWE

CWE-79

Status draft

Affected Products (26)

emc/documentum_taskspace < 6.7

emc/documentum_taskspace

emc/documentum_capital_projects < 1.8

emc/documentum_wdk < 6.7

emc/documentum_wdk

emc/documentum_digital_asset_manager < 6.5

emc/documentum_digital_asset_manager

emc/documentum_administrator < 6.7

emc/documentum_administrator

... and 11 more

Timeline

Published Nov 06, 2013

Tracked Since Feb 18, 2026