CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-4636

Cross-site request forgery (CSRF) vulnerability in EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to hijack the authentication of arbitrary users for requests that perform Docbase operations.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.5%

CVSS Severity

CVSS v2 Score 6.8

References

http://archives.neohapsis.com/archives/bugtraq/2015-01/0009.html
http://packetstormsecurity.com/files/129822/EMC-Documentum-Web-Development-Kit-XSS-CSRF-Redirection-Injection.html
http://www.securitytracker.com/id/1031497
http://archives.neohapsis.com/archives/bugtraq/2015-01/0009.html
http://packetstormsecurity.com/files/129822/EMC-Documentum-Web-Development-Kit-XSS-CSRF-Redirection-Injection.html
http://www.securitytracker.com/id/1031497

Products affected by CVE-2014-4636

Emc » Documentum Wdk » Version: 6.7

cpe:2.3:a:emc:documentum_wdk:6.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-4636

Products

Pricing

Contact Us