Opentext: >> Livelink Ecm >> 9.7.1 Security Vulnerabilities
Cross-site request forgery (CSRF) vulnerability in OpenText ECM (formerly Livelink ECM) 9.7.1 allows remote attackers to hijack the authentication of administrators for requests that change folder and resource permissions.
CVSS Score
6.8
EPSS Score
0.001
Published
2012-11-26
Multiple cross-site scripting (XSS) vulnerabilities in OpenText ECM (formerly Livelink ECM) 9.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) viewType and (2) sort parameters in a browse action to livelink/livelink; and the (3) nodeid, (4) setctx, and (5) support parameters to livelinkdav/nodes/OOB_DAVWindow.html.
CVSS Score
4.3
EPSS Score
0.005
Published
2012-11-26