Stored Cross-Site Scripting Vulnerability in OpenText Documentum D2 Webtop
CVE-2018-7659

5.4MEDIUM

Key Information:

Vendor
Opentext
Vendor
CVE Published:
11 April 2018

Summary

In OpenText Documentum D2 Webtop version 4.6.0030 build 059, a stored cross-site scripting vulnerability allows attackers to execute malicious scripts by uploading files with hazardous filenames. This could enable unauthorized actions on behalf of users or compromise sensitive data, posing risks to system integrity.

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.