CVE-2015-0551

Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Published: Jul 4, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-0551
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.5
AV:N/AC:M/Au:S/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
emc / documentum_webtop	6.7-sp1	6.7-sp1.x
emc / documentum_administrator	6.7-sp2	6.7-sp2.x
emc / documentum_administrator	7.2	7.2.x
emc / documentum_administrator	6.7-sp1	6.7-sp1.x
emc / documentum_webtop	6.8	6.8.x
emc / documentum_webtop	6.7-sp2	6.7-sp2.x
emc / documentum_taskspace	6.7-sp2	6.7-sp2.x
emc / documentum_administrator	7.1	7.1.x
emc / documentum_taskspace	6.7-sp1	6.7-sp1.x
emc / documentum_digital_asset_manager	6.5-sp6	6.5-sp6.x
emc / documentum_web_publisher	6.5-sp7	6.5-sp7.x
emc / documentum_administrator	7.0	7.0.x

Vulnerability Database

290,020

CVE-2015-0551