CVE-2017-14960

xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 has SQL Injection.
References
Link Resource
http://seclists.org/fulldisclosure/2018/Jan/6 Exploit Mailing List Third Party Advisory
https://www.exploit-db.com/exploits/43422/ Exploit Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/102419 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:opentext:document_sciences_xpression:*:sp1_p13:*:*:*:*:*:*

Information

Published : 2018-01-04 09:29

Updated : 2018-01-17 10:20


NVD link : CVE-2017-14960

Mitre link : CVE-2017-14960


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

opentext

  • document_sciences_xpression