CVE-2014-2512

EMC Documentum eRoom 7.4.3, 7.4.4 < P19, 7.4.4 SP1 - Authenticated Cross-Site Scripting

Title source: llm
STIX 2.1

Description

Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030493
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/59419
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Jul/0
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2014-06/0176.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/532608/100/0/threaded

Scores

EPSS 0.0030
EPSS Percentile 53.1%

Details

CWE
CWE-79
Status published
Products (2)
emc/documentum_eroom 7.4.3
emc/documentum_eroom 7.4.4 (2 CPE variants)
Published Jul 01, 2014
Tracked Since Feb 18, 2026