GCVE - cpe:2.3:a:ericsson:enterprise_content_management:18.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:ericsson:enterprise_content_management:18.0:*:*:*:*:*:*:*

part: a version: 18.0 update: *

Vendor	Ericsson (`198bbf36-f632-548c-bd14-c61a678abe8e`)
Product	Enterprise Content Management (`fdcde52d-36fc-5311-b321-799237556a6c`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-41391`	vulnerable	2026-06-03 14:45:25.738681	Details available In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored XSS via a name, leading to session hijacking and full account takeover. Published: 2021-09-17T20:56:21.000Z Updated: 2024-08-04T03:08:32.429Z Open on db.gcve.eu Reference links https://the-it-wonders.blogspot.com/2021/09/ericsson-ecm-enterprise-content.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-41390`	vulnerable	2026-06-03 14:45:25.738257	Details available In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection. Published: 2021-09-17T20:55:54.000Z Updated: 2024-08-04T03:08:32.437Z Open on db.gcve.eu Reference links https://the-it-wonders.blogspot.com/2021/09/ericsson-ecm-enterprise-content_17.html	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.