CVE-2013-6176

Name of the Vulnerable Software and Affected Versions EMC Document Sciences xPression versions 4.1 before Patch 47 EMC Document Sciences xPression versions 4.2 before Patch 26 EMC Document Sciences xPression versions 4.5 before Patch 05

Description The issue allows remote authenticated users to execute arbitrary SQL commands via unspecified input to a (1) xAdmin or (2) xDashboard form. This can be exploited by providing malicious input to these forms, potentially leading to unauthorized access or data manipulation.

Recommendations For EMC Document Sciences xPression version 4.1, apply Patch 47 to resolve the issue. For EMC Document Sciences xPression version 4.2, apply Patch 26 to resolve the issue. For EMC Document Sciences xPression version 4.5, apply Patch 05 to resolve the issue.