Required CVE Record Information
Description
EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and obtain sensitive repository information by appending a query to a REST request.
References 2 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 2 Total
- securitytracker.com: 1034993 vdb-entryx_transferred
- seclists.org: 20160209 ESA-2016-010 EMC Documentum xCP Security Update for Multiple Vulnerabilities mailing-listx_transferred