Multiple EMC Documentum Products CVE-2014-2511 Multiple Cross Site Scripting Vulnerabilities
BID:69272
Info
Multiple EMC Documentum Products CVE-2014-2511 Multiple Cross Site Scripting Vulnerabilities
| Bugtraq ID: | 69272 |
| Class: | Input Validation Error |
| CVE: |
CVE-2014-2511 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 19 2014 12:00AM |
| Updated: | Aug 19 2014 12:00AM |
| Credit: | Lukasz Plonka |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Multiple EMC Documentum Products CVE-2014-2511 Multiple Cross Site Scripting Vulnerabilities
Multiple EMC Documentum products are prone to multiple cross-site scripting vulnerabilities.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Multiple EMC Documentum products are prone to multiple cross-site scripting vulnerabilities.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Exploit / POC
Multiple EMC Documentum Products CVE-2014-2511 Multiple Cross Site Scripting Vulnerabilities
Attackers can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.
Attackers can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.
References
Multiple EMC Documentum Products CVE-2014-2511 Multiple Cross Site Scripting Vulnerabilities
References:
References:
- EMC Documentum Multiple Cross-Site Scripting Vulnerabilities (SecLists.Org)
- EMC Homepage (EMC)