) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): DocuShare
- Search Type: Search All
- Match: Exact
- CPE Name Search: false
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2019-16307 |
A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter (webExMeetingLogin.jsp) and meetingKey parameter (deleteWebExMeetingCheck.jsp). Published: September 14, 2019; 1:15:10 PM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2014-3138 |
SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 Hotfix 2, 6.6.1 Update 1 before Hotfix 24, and 6.6.1 Update 2 before Hotfix 3 allows remote authenticated users to execute arbitrary SQL commands via the PATH_INFO to /docushare/dsweb/ResultBackgroundJobMultiple/. NOTE: some of these details are obtained from third party information. Published: May 01, 2014; 8:55:07 PM -0400 |
V3.x:(not available) V2.0: 6.5 MEDIUM |
| CVE-2008-5225 |
Multiple cross-site scripting (XSS) vulnerabilities in Xerox DocuShare 6 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) SearchResults/ and (2) Services/ in dsdn/dsweb/, and (3) the default URI under unspecified docushare/dsweb/ServicesLib/Group-#/ directories. Published: November 25, 2008; 2:30:08 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |