Open Redirect Vulnerabilities in OpenText Documentum Webtop by OpenText
CVE-2017-14525

6.1MEDIUM

Key Information:

Vendor: Opentext
Status: Documentum Administrator; Documentum Webtop
Vendor: CVE Published:; 28 September 2017

Summary

OpenText Documentum Webtop contains multiple open redirect vulnerabilities that allow remote attackers to redirect users to arbitrary websites. By manipulating parameters such as 'startat' and 'redirectUrl', attackers can craft URLs that could lead to malicious sites, enabling phishing attacks and potentially compromising user credentials.

References

http://seclists.org/fulldisclosure/2017/Sep/57

mailing-listx_refsource_FULLDISC

https://knowledge.opentext.com/knowledge/llisapi.dll/Open...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Sep 28, 2017
Vulnerability Reserved
Sep 17, 2017