Name of the Vulnerable Software and Affected Versions eDocLib (affected versions not specified)

Description The issue exists due to inadequate protection of the web page structure in the eDocLib platform for storing and processing corporate data. This allows a remote attacker to execute arbitrary code in the user's browser by placing it in a specially crafted value of the showDeleted parameter in the URL of the directory page.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.