CVE-2023-32264
- EPSS 0.04%
- Veröffentlicht 08.03.2024 21:15:06
- Zuletzt bearbeitet 21.11.2024 08:03:00
CWE-1385 vulnerability in OpenText Documentum D2 affecting versions16.5.1 to CE 23.2. The vulnerability could allow upload arbitrary code and execute it on the client's computer.
CVE-2018-7659
- EPSS 0.21%
- Veröffentlicht 11.04.2018 06:29:00
- Zuletzt bearbeitet 21.11.2024 04:12:29
In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Stored Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via a filename of an uploaded image file.
CVE-2018-7660
- EPSS 0.21%
- Veröffentlicht 11.04.2018 06:29:00
- Zuletzt bearbeitet 21.11.2024 04:12:29
In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Reflected Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via the servlet/Download _docbase or _username parameter.
CVE-2017-5586
- EPSS 35.33%
- Veröffentlicht 22.02.2017 16:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the BeanShell (bsh) and Apache Commons Collections (ACC) libraries.