Vulnerabilities > EMC > Documentum Eroom > 7.4.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-02-03 | CVE-2017-2766 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in EMC Documentum Eroom 7.4.4/7.4.5/7.5.0 EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 SP1, EMC Documentum eRoom version prior to 7.4.5 P04, EMC Documentum eRoom version prior to 7.5.0 P01 includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 7.5 |
2014-07-01 | CVE-2014-2512 | Cross-Site Scripting vulnerability in EMC Documentum Eroom 7.4.3/7.4.4 Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2013-11-06 | CVE-2013-3286 | Cross-Site Scripting vulnerability in EMC Documentum Eroom Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom before 7.4.4 P11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |