virus logo Intrusion Prevention

InterWoven.WorkDocs.XSS

description-logoDescription

This indicates an attack attempt against a cross-site scripting vulnerability
in Interwoven WorkDocs.
Interwoven WorkDocs is a document management tool that supports browser-based access. A vulnerability has been reported in it that may allow an attacker to execute script codes on a vulnerable system. This is possible because the user input filters fail to properly sanitize the "compnrtid" parameter value that is passed to "userOptions.asp" . An attacker may include script codes by supplying an injection string through the URL.

affected-products-logoAffected Products

Any version of Interwoven WorkDocs.

Impact logoImpact

System Comprise: Remote attackers can gain control of the vulnerable system.

recomended-action-logoRecommended Actions

Currently we are not aware of any officially supplied fix for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

ID 14781
Created Jul 12, 2007
Updated Jan 13, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows
Affected App Other