CVE-2013-6173

Name of the Vulnerable Software and Affected Versions EMC Document Sciences xPression versions 4.1 SP1 before Patch 47 EMC Document Sciences xPression versions 4.2 before Patch 26 EMC Document Sciences xPression versions 4.5 before Patch 05

Description The issue allows remote attackers to hijack the authentication of administrators for requests that perform administrative actions in (1) xAdmin or (2) xDashboard. This is due to multiple cross-site request forgery (CSRF) vulnerabilities.

Recommendations For versions 4.1 SP1, apply Patch 47 to resolve the issue. For versions 4.2, apply Patch 26 to resolve the issue. For versions 4.5, apply Patch 05 to resolve the issue.