Vulnerabilities (CVE)

Filtered by vendor Interwoven Subscribe
Filtered by product Worksite Web
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-1617 1 Interwoven 1 Worksite Web 2024-02-04 9.3 HIGH N/A
Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null.
CVE-2008-1700 1 Interwoven 1 Worksite Web 2024-02-02 7.1 HIGH N/A
The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive.