Vulnerabilities > Opentext > Livelink ECM > 9.7.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-11-26 | CVE-2010-5283 | Cross-Site Request Forgery (CSRF) vulnerability in Opentext Livelink ECM 9.7.1 Cross-site request forgery (CSRF) vulnerability in OpenText ECM (formerly Livelink ECM) 9.7.1 allows remote attackers to hijack the authentication of administrators for requests that change folder and resource permissions. | 6.8 |
2012-11-26 | CVE-2010-5282 | Cross-Site Scripting vulnerability in Opentext Livelink ECM 9.7.1 Multiple cross-site scripting (XSS) vulnerabilities in OpenText ECM (formerly Livelink ECM) 9.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) viewType and (2) sort parameters in a browse action to livelink/livelink; and the (3) nodeid, (4) setctx, and (5) support parameters to livelinkdav/nodes/OOB_DAVWindow.html. | 4.3 |