Vulnerabilities > Xythos

DATE	CVE	VULNERABILITY TITLE	RISK
2007-06-27	CVE-2007-3256	Input Validation vulnerability in Xythos products Xythos Enterprise Document Manager (XEDM), Digital Locker (XDL), and possibly WebFile Server before 6.0.46.1 allow remote authenticated users to associate arbitrary Content-Type HTTP headers with documents, which might facilitate malware distribution. network low complexity xythos	4.0
2007-06-27	CVE-2007-3255	Input Validation vulnerability in Xythos Enterprise Document Manager Multiple cross-site request forgery (CSRF) vulnerabilities in Xythos Enterprise Document Manager (XEDM) before 5.0.25.8, and 6.x before 6.0.46.1, allow remote authenticated users to execute commands as arbitrary users via (1) a saved Workflow name or (2) the Content-Type HTTP header. network low complexity xythos	6.5
2007-06-27	CVE-2007-3254	Input Validation vulnerability in Xythos Enterprise Document Manager 5.0/6.0 Multiple cross-site scripting (XSS) vulnerabilities in Xythos Enterprise Document Manager (XEDM) before 5.0.25.8, and 6.x before 6.0.46.1, allow remote authenticated users to inject arbitrary web script or HTML via (1) a saved Workflow name; (2) a Workflow name, related to deletion of a Workflow template; (3) the Content-Type HTTP header; or (4) the name of an uploaded file. network xythos	3.5

Vulnerabilities > Xythos {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Xythos"}]}