Vulnerabilities > Opentext > Documentum D2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-11 | CVE-2018-7660 | Cross-site Scripting vulnerability in Opentext Documentum D2 4.6.0030 In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Reflected Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via the servlet/Download _docbase or _username parameter. | 5.4 |
| 2018-04-11 | CVE-2018-7659 | Cross-site Scripting vulnerability in Opentext Documentum D2 4.6.0030 In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Stored Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via a filename of an uploaded image file. | 5.4 |
| 2017-02-22 | CVE-2017-5586 | Improper Input Validation vulnerability in Opentext Documentum D2 OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the BeanShell (bsh) and Apache Commons Collections (ACC) libraries. | 9.8 |