PT-2018-5749 · Opentext · Opentext Document Sciences Xpression

Pawel Gocyla

·

Publicado

2018-01-04

·

Atualizado

2018-01-17

·

CVE-2017-14960

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: OpenText Document Sciences xPression version 4.5SP1 Patch 13
Description: The issue is related to SQL Injection in xDashboard.
Recommendations: For version 4.5SP1 Patch 13, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2017-14960

Produtos afetados

Opentext Document Sciences Xpression