Input validation

2023-01-1821:15:00

PRIOn knowledge base

www.prio-n.com

opentext content suite

remote execution

oscript

html pipeline

security vulnerability

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.0%

JSON

A remote OScript execution issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). Multiple endpoints allow the user to pass the parameter htmlFile, which is included in the HTML output rendering pipeline of a request. Because the Content Server evaluates and executes Oscript code in HTML files, it is possible for an attacker to execute Oscript code. The Oscript scripting language allows the attacker (for example) to manipulate files on the filesystem, create new network connections, or execute OS commands.

CPENameOperatorVersion
opentext_extended_ecmge16.2.2
opentext_extended_ecmle22.3

CPE	Name	Operator	Version
	opentext_extended_ecm	ge	16.2.2
	opentext_extended_ecm	le	22.3

References

packetstormsecurity.com/files/170615/OpenText-Extended-ECM-22.3-File-Deletion-LFI-Privilege-Escsalation.html

seclists.org/fulldisclosure/2023/Jan/14

sec-consult.com/vulnerability-lab/advisory/multiple-post-authentication-vulnerabilities-including-rce-opentexttm-extended-ecm/