CVE-2015-6530: XSS
First published: Thu Aug 20 2015(Updated: )
Cross-site scripting (XSS) vulnerability in OpenText Secure MFT 2013 before 2013 R3 P6 and 2014 before 2014 R2 P2 allows remote attackers to inject arbitrary web script or HTML via the querytext parameter to userdashboard.jsp.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenText Secure MFT | <=r3 | |
| OpenText Secure MFT | <=r2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-6530?
CVE-2015-6530 is rated as a medium severity XSS vulnerability.
How do I fix CVE-2015-6530?
To fix CVE-2015-6530, upgrade OpenText Secure MFT to version 2013 R3 P6 or 2014 R2 P2 or later.
What systems are affected by CVE-2015-6530?
CVE-2015-6530 affects OpenText Secure MFT 2013 before R3 P6 and Secure MFT 2014 before R2 P2.
What type of vulnerability is CVE-2015-6530?
CVE-2015-6530 is a Cross-Site Scripting (XSS) vulnerability.
Can CVE-2015-6530 lead to unauthorized access?
Yes, CVE-2015-6530 can allow attackers to inject and execute arbitrary web scripts, potentially leading to unauthorized access.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/last-modified-date
- agent/severity
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/weakness
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/opentext
- canonical/opentext secure mft
- version/opentext secure mft/r3
- version/opentext secure mft/r2