Vulnerabilities (CVE)

Filtered by vendor Opentext Subscribe

Filtered by product Document Sciences Xpression

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-14960	1 Opentext	1 Document Sciences Xpression	2018-01-17	5.0 MEDIUM	7.5 HIGH
xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 has SQL Injection.
CVE-2017-14757	1 Opentext	1 Document Sciences Xpression	2017-10-18	6.5 MEDIUM	8.8 HIGH
OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to SQL Injection: /xDashboard/html/jobhistory/downloadSupportFile.action, parameter: jobRunId. In order for this vulnerability to be exploited, an attacker must authenticate to the application first.
CVE-2017-14758	1 Opentext	1 Document Sciences Xpression	2017-10-18	6.5 MEDIUM	8.8 HIGH
OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to SQL Injection: /xAdmin/html/cm_doclist_view_uc.jsp, parameter: documentId. In order for this vulnerability to be exploited, an attacker must authenticate to the application first.