Cross-Site Scripting Vulnerabilities in OpenText ECM by OpenText
CVE-2010-5282

Currently unrated

Key Information:

Vendor: Opentext
Status: Livelink Ecm
Vendor: CVE Published:; 26 November 2012

Summary

OpenText ECM version 9.7.1 contains multiple cross-site scripting vulnerabilities that enable remote attackers to execute arbitrary web scripts or HTML. This exploitation can occur through the manipulation of specific parameters such as viewType, sort, nodeid, setctx, and support within URLs. By exploiting these vulnerabilities, attackers could compromise user data and manipulate web sessions, posing significant risks to both users and organizations relying on OpenText ECM.

References

http://secunia.com/advisories/41553

third-party-advisoryx_refsource_SECUNIA

http://packetstormsecurity.org/1009-exploits/opentext-xsr...

x_refsource_MISC

http://archives.neohapsis.com/archives/fulldisclosure/201...

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Nov 26, 2012
Vulnerability Reserved
Nov 26, 2012