Vulnerabilities > Opentext > Document Sciences Xpression > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-03 | CVE-2017-14756 | Cross-site Scripting vulnerability in Opentext Document Sciences Xpression 4.5 OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Cross-Site Scripting: /xAdmin/html/Deployment (cat_id). | 6.1 |
| 2017-10-03 | CVE-2017-14755 | Cross-site Scripting vulnerability in Opentext Document Sciences Xpression 4.5 OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Cross-Site Scripting: /xAdmin/html/XPressoDoc, parameter: categoryId. | 6.1 |
| 2017-10-03 | CVE-2017-14754 | Path Traversal vulnerability in Opentext Document Sciences Xpression 4.5 OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Arbitrary File Read: /xAdmin/html/cm_datasource_group_xsd.jsp, parameter: xsd_datasource_schema_file filename. | 6.5 |