CVE-2014-2512
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0030 (0.3%)
Percentile: 52.9%
EPSS: 2026-05-06
Affects
emc:documentum_eroomTechnical description
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Published: 7/1/2014, 12:55:05 AM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://archives.neohapsis.com/archives/bugtraq/2014-06/0176.html
- http://packetstormsecurity.com/files/127309/EMC-Documentum-eRoom-Cross-Site-Scripting.html
- http://packetstormsecurity.com/files/127321/EMC-Documentum-eRoom-Stored-Cross-Site-Scripting.html
- http://seclists.org/fulldisclosure/2014/Jul/0
- http://secunia.com/advisories/59419
- http://www.securityfocus.com/archive/1/532608/100/0/threaded
- http://www.securitytracker.com/id/1030493
- http://archives.neohapsis.com/archives/bugtraq/2014-06/0176.html