Cross-Site Scripting Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13

Cross-Site Scripting Vulnerability in OpenText Document Sciences xPression v4.5SP1 Patch 13

CVE-2017-14755 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to Cross-Site Scripting: /xAdmin/html/XPressoDoc, parameter: categoryId.

Learn more about our Web Application Penetration Testing UK.