Vulnerabilities for Livelink ecm (...) - CXSECURITY.COM

Vulnerabilities for 'Livelink ecm'

2012-11-26

CVE-2010-5283

Cross-site request forgery (CSRF) vulnerability in OpenText ECM (formerly Livelink ECM) 9.7.1 allows remote attackers to hijack the authentication of administrators for requests that change folder and resource permissions.

CVE-2010-5282

Multiple cross-site scripting (XSS) vulnerabilities in OpenText ECM (formerly Livelink ECM) 9.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) viewType and (2) sort parameters in a browse action to livelink/livelink; and the (3) nodeid, (4) setctx, and (5) support parameters to livelinkdav/nodes/OOB_DAVWindow.html.

2008-02-13

CVE-2008-0769

Cross-site scripting (XSS) vulnerability in Livelink ECM 9.0.0 through 9.7.0 and possibly earlier does not set the charset, which allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input.

>>> Vendor: Opentext 16 Products

Opentext firstclass desktop client

Documentum administrator

Documentum webtop

Livelink ecm

Documentum content server

Opentext/ixos ecm for sap netweaver

Document sciences xpression

Exceed ondemand

Secure mft 2013

Secure mft 2014

Opentext portal

Brava\! desktop

Copyright 2024, cxsecurity.com