Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2022-45928
HistoryJan 18, 2023 - 12:00 a.m.

CVE-2022-45928

2023-01-1800:00:00
mitre
www.cve.org
1
oscript execution
opentext content suite
html parameter
content server
remote attack
filesystem manipulation

AI Score

8.7

Confidence

High

EPSS

0.004

Percentile

73.0%

JSON

A remote OScript execution issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). Multiple endpoints allow the user to pass the parameter htmlFile, which is included in the HTML output rendering pipeline of a request. Because the Content Server evaluates and executes Oscript code in HTML files, it is possible for an attacker to execute Oscript code. The Oscript scripting language allows the attacker (for example) to manipulate files on the filesystem, create new network connections, or execute OS commands.

Related

prion 1
nvd 1
cve 1
zdt 1
packetstorm 1
prion
prion
Input validation
2023-01-18 21:15:00
nvd
nvd
CVE-2022-45928
2023-01-18 21:15:11
cve
cve
CVE-2022-45928
2023-01-18 21:15:11
zdt
zdt
OpenText Extended ECM 22.3 File Deletion / LFI / Privilege Escsalation Vulnerabilities
2023-01-22 00:00:00
packetstorm
packetstorm
OpenText Extended ECM 22.3 File Deletion / LFI / Privilege Escsalation
2023-01-20 00:00:00

AI Score

8.7

Confidence

High

EPSS

0.004

Percentile

73.0%

JSON
Related for CVELIST:CVE-2022-45928
prion1nvd1cve1zdt1packetstorm1