Vulnerabilities > Opentext > Documentum D2

DATE CVE VULNERABILITY TITLE RISK
2018-04-11 CVE-2018-7660 Cross-site Scripting vulnerability in Opentext Documentum D2 4.6.0030
In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Reflected Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via the servlet/Download _docbase or _username parameter.
network
opentext CWE-79
3.5
3.5
2018-04-11 CVE-2018-7659 Cross-site Scripting vulnerability in Opentext Documentum D2 4.6.0030
In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Stored Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via a filename of an uploaded image file.
network
opentext CWE-79
3.5
3.5
2017-02-22 CVE-2017-5586 Improper Input Validation vulnerability in Opentext Documentum D2
OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the BeanShell (bsh) and Apache Commons Collections (ACC) libraries.
network
low complexity
opentext CWE-20
7.5
7.5