Vulnerabilities > EMC > Documentum D2 > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-08-22 | CVE-2015-4537 | Information Exposure vulnerability in EMC Documentum D2 Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox file, which makes it easier for remote authenticated users to decrypt admin tickets by locating this passphrase in a decompiled D2 JAR archive. | 3.5 |
| 2015-06-28 | CVE-2015-0549 | Cross-site Scripting vulnerability in EMC Documentum D2 Cross-site scripting (XSS) vulnerability in EMC Documentum D2 before 4.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |