Cross-Site Scripting Vulnerability in Livelink ECM from OpenText
CVE-2008-0769

Currently unrated

Key Information:

Vendor: Opentext
Status: Livelink Ecm
Vendor: CVE Published:; 14 February 2008

Summary

The vulnerability in OpenText's Livelink ECM allows attackers to exploit a lack of character set specification, enabling remote exploitation through crafted UTF-7 encoded input. This can lead to the injection of arbitrary web scripts or HTML, posing significant security risks to applications utilizing affected versions. System administrators are urged to apply security patches and conduct thorough evaluations of input validation processes.

References

http://withdk.com/archives/livelink-utf7-xss-advisory.pdf

x_refsource_MISC

http://www.securityfocus.com/bid/27537

vdb-entryx_refsource_BID

http://lists.grok.org.uk/pipermail/full-disclosure/2008-J...

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Feb 14, 2008
Vulnerability Reserved
Feb 13, 2008