Vulnerability Details CVE-2014-2511
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.4%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/60561
- http://www.securityfocus.com/archive/1/533160/30/0/threaded
- http://www.securityfocus.com/bid/69272
- http://www.securitytracker.com/id/1030741
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95366
- http://secunia.com/advisories/60561
- http://www.securityfocus.com/archive/1/533160/30/0/threaded
- http://www.securityfocus.com/bid/69272
- http://www.securitytracker.com/id/1030741
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95366
Products affected by CVE-2014-2511
-
cpe:2.3:a:emc:digital_assets_manager:6.5
-
cpe:2.3:a:emc:documentum_administrator:6.7
-
cpe:2.3:a:emc:documentum_administrator:7.0
-
cpe:2.3:a:emc:documentum_administrator:7.1
-
cpe:2.3:a:emc:documentum_capital_projects:1.8
-
cpe:2.3:a:emc:documentum_capital_projects:1.9
-
cpe:2.3:a:emc:documentum_webtop:6.7
-
cpe:2.3:a:emc:engineering_plant_facilities_management_solution_for_documentum:1.7
-
cpe:2.3:a:emc:records_client:6.7
-
cpe:2.3:a:emc:task_space:6.7
-
cpe:2.3:a:emc:web_publishers:6.5