CVE-2016-8213

MEDIUM

EMC Documentum <6.8P18, <6.8.1P06, <6.7SP3P02, <1.9P30, <1.10P17, <...

Title source: llm

Description

EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, prior to P06; and EMC Documentum TaskSpace version 6.7SP3, prior to P02; and EMC Documentum Capital Projects Version 1.9, prior to P30 and Version 1.10, prior to P17; and EMC Documentum Administrator Version 7.0, Version 7.1, and Version 7.2 prior to P18 contain a Stored Cross-Site Scripting Vulnerability that could potentially be exploited by malicious users to compromise the affected system.

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry x_refsource_confirm

http://www.securityfocus.com/archive/1/540019/30/0/threaded

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/95625

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1037626

Scores

CVSS v3 6.1

EPSS 0.0025

EPSS Percentile 48.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (9)

emc/documentum_administrator 7.0

emc/documentum_administrator 7.1

emc/documentum_administrator 7.2

emc/documentum_capital_projects 1.9

emc/documentum_capital_projects 1.10

emc/documentum_taskspace 6.7 sp3

emc/documentum_webtop 6.8

emc/documentum_webtop 6.8.1

n/a/EMC Documentum Webtop and Clients EMC Documentum Webtop and Clients

Published Jan 23, 2017

Tracked Since Feb 18, 2026