HIGH🇵🇱 Wersja polska

CVE-2017-14758

CVSS 8.8v3.0pub. 2017-10-03upd. 2026-05-13

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to SQL Injection: /xAdmin/html/cm_doclist_view_uc.jsp, parameter: documentId. In order for this vulnerability to be exploited, an attacker must authenticate to the application first.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Opentext Document Sciences Xpression

    APP
    Opentext
    ≤ 4.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLi
CWE
References

Related vulnerabilities

CVE-2017-14759CRITICAL9.8ten sam produkt

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...

CVE-2017-14960HIGH7.5ten sam produkt

xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13...

CVE-2017-14757HIGH8.8ten sam produkt

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...

CVE-2017-14754MEDIUM6.5ten sam produkt

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...

CVE-2017-14755MEDIUM6.1ten sam produkt

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...