CVE-2017-14755 – OpenText Document Sciences xPression 4.5SP1 Patch 13 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2017-14755
OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Cross-Site Scripting: /xAdmin/html/XPressoDoc, parameter: categoryId. OpenText Document Sciences xPression (anteriormente conocido como EMC Document Sciences xPression) v4.5SP1 Patch 13 (otras versiones más antiguas también podrían verse afectadas) es propenso a Cross-Site Scripting (XSS): /xAdmin/html/XPressoDoc, parámetro: categoryId. OpenText Document Sciences xPression version 4.5SP1 Patch 13 suffers from a cross site scripting vulnerability in the XPressoDoc functionality. • http://seclists.org/fulldisclosure/2017/Sep/95 https://knowledge.opentext.com/knowledge/llisapi.dll/Open/68982774 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-14754 – OpenText Document Sciences xPression 4.5SP1 Patch 13 Arbitrary File Read
https://notcve.org/view.php?id=CVE-2017-14754
OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Arbitrary File Read: /xAdmin/html/cm_datasource_group_xsd.jsp, parameter: xsd_datasource_schema_file filename. In order for this vulnerability to be exploited, an attacker must authenticate to the application first. OpenText Document Sciences xPression (anteriormente conocido como EMC Document Sciences xPression) v4.5SP1 Patch 13 (otras versiones más antiguas también podrían verse afectadas) es propenso a una lectura de archivos arbitrarios: /xAdmin/html/cm_datasource_group_xsd.jsp, parámetro: xsd_datasource_schema_file filename. Para que esta vulnerabilidad sea explotada, un atacante debe autenticarse antes en la aplicación. OpenText Document Sciences xPression version 4.5SP1 Patch 13 suffers from an arbitrary file read vulnerability. • http://seclists.org/fulldisclosure/2017/Sep/92 https://knowledge.opentext.com/knowledge/llisapi.dll/Open/68982774 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2013-6174
https://notcve.org/view.php?id=CVE-2013-6174
Multiple open redirect vulnerabilities in xAdmin in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters. Múltiples vulnerabilidades de redirección abierta en xAdmin en EMC Document Sciences xPression 4.1 SP1 anterior a la versión Patch 47, 4.2 anterior a Patch 26, y 4.5 anterior a la versión Patch 05, tal y como se usa en Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, permite a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y llevar a cabo ataques de phishing a través de vectores sin especificar. • http://archives.neohapsis.com/archives/bugtraq/2013-11/0095.html http://packetstormsecurity.com/files/124070/EMC-Document-Sciences-xPression-XSS-CSRF-Redirect-SQL-Injection.html http://www.kb.cert.org/vuls/id/346982 http://www.securityfocus.com/bid/63810 http://www.securitytracker.com/id/1029384 • CWE-20: Improper Input Validation •
CVE-2013-6173
https://notcve.org/view.php?id=CVE-2013-6173
Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to hijack the authentication of administrators for requests that perform administrative actions in (1) xAdmin or (2) xDashboard. Múltiples vulnerabilidades de CSRF en EMC Document Sciences xPression 4.1 SP1 anterior a la versión Patch 47, 4.2 anterior a Patch 26, y 4.5 anterior a la versión Patch 05, tal y como se usa en Documentum Edition, Enterprise Edition Publish Engine, y Enterprise Edition Compuset Engine, permite a atacantes remotos secuestrar la autenticación de peticiones de administrador que realicen acciones administrativas en (1) xAdmin o (2) xDashboard. • http://archives.neohapsis.com/archives/bugtraq/2013-11/0095.html http://osvdb.org/99985 http://packetstormsecurity.com/files/124070/EMC-Document-Sciences-xPression-XSS-CSRF-Redirect-SQL-Injection.html http://www.kb.cert.org/vuls/id/346982 http://www.securitytracker.com/id/1029384 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2013-6176
https://notcve.org/view.php?id=CVE-2013-6176
Multiple SQL injection vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote authenticated users to execute arbitrary SQL commands via unspecified input to a (1) xAdmin or (2) xDashboard form. Vulnerabilidades de inyección SQL en EMC Document Sciences xPression 4.1 SP1 anterior a la versión Patch 47, 4.2 anterior a Patch 26, y 4.5 anterior a la versión Patch 05, tal y como se usa en Documentum Edition, Enterprise Edition Publish Engine, y Enterprise Edition Compuset Engine, permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a través de entradas sin especificar hacia (1) xAdmin o (2) xDashboard. • http://archives.neohapsis.com/archives/bugtraq/2013-11/0095.html http://packetstormsecurity.com/files/124070/EMC-Document-Sciences-xPression-XSS-CSRF-Redirect-SQL-Injection.html http://www.kb.cert.org/vuls/id/346982 http://www.securitytracker.com/id/1029384 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •