DQL Injection Vulnerability in EMC Documentum xCP

DQL Injection Vulnerability in EMC Documentum xCP

CVE-2016-0881 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and obtain sensitive repository information by appending a query to a REST request.

Learn more about our User Device Pen Test.