CVE-2015-0551

EMC Documentum Administrator - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

References (2)

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1032770

[Mailing List] http://seclists.org/bugtraq/2015/Jul/9

Scores

EPSS 0.0016

EPSS Percentile 36.6%

Classification

CWE

CWE-79

Status draft

Affected Products (12)

emc/documentum_administrator

emc/documentum_digital_asset_manager

emc/documentum_taskspace

emc/documentum_web_publisher

emc/documentum_webtop

Timeline

Published Jul 04, 2015

Tracked Since Feb 18, 2026