CVE-2016-9872

MEDIUM

EMC Documentum D2 - XSS

Title source: rule

Description

EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has Reflected Cross-Site Scripting Vulnerabilities that could potentially be exploited by malicious users to compromise the affected system.

References (3)

[Third Party Advisory] http://www.securityfocus.com/archive/1/540060/30/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/95824

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1037733

Scores

CVSS v3 6.1

EPSS 0.0028

EPSS Percentile 51.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Classification

CWE

CWE-79

Status published

Affected Products (3)

emc/documentum_d2

n/a/EMC Documentum D2 EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 < EMC Documentum D2 EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6

Timeline

Published Feb 03, 2017

Tracked Since Feb 18, 2026