CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2018-7660
https://notcve.org/view.php?id=CVE-2018-7660
In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Reflected Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via the servlet/Download _docbase or _username parameter. En OpenText Documentum D2 Webtop v4.6.0030 build 059, una vulnerabilidad Cross-Site Scripting (XSS) reflejado podría ser explotada por usuarios maliciosos para comprometer el sistema afectado mediante los parámetros servlet/Download _docbase o _username. • https://vipinxsec.blogspot.com/2018/04/reflected-xss-in-documentum-d2.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2018-7659
https://notcve.org/view.php?id=CVE-2018-7659
In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Stored Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via a filename of an uploaded image file. En OpenText Documentum D2 Webtop v4.6.0030 build 059, una vulnerabilidad Cross-Site Scripting (XSS) persistente podría ser explotada por usuarios maliciosos para comprometer el sistema afectado mediante un nombre de archivo de un archivo de imagen subido. • https://vipinxsec.blogspot.com/2018/04/stored-xss-in-documentum-d2-steps-to.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •