Vulnerabilities > EMC > Documentum Eroom > 7.4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-11-06 | CVE-2013-3286 | Cross-Site Scripting vulnerability in EMC Documentum Eroom Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom before 7.4.4 P11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
| 2012-03-15 | CVE-2012-0404 | Cross-Site Scripting vulnerability in EMC Documentum Eroom Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom before 7.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2012-03-15 | CVE-2012-0398 | Permissions, Privileges, and Access Controls vulnerability in EMC Documentum Eroom EMC Documentum eRoom before 7.4.4 does not properly validate session cookies, which allows remote attackers to hijack or replay sessions via unspecified vectors. | 7.5 |