This page lists publicly disclosed CVE vulnerabilities affecting ericsson enterprise_content_management (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-41391 | In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored XSS via a name, leading to session hijacking and full account takeover. | [email protected] | 5.4 | 0.55% | 2021-09-17 | 2026-06-17 |
| CVE-2021-41390 | In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection. | [email protected] | 8.0 | 1.07% | 2021-09-17 | 2026-06-17 |