EUVD-2021-26364

Malware in sbrugna...

EUVD-2025-12377

Malicious code in bioql PyPI...

CVE-2021-3010

There are multiple persistent cross-site scripting XSS vulnerabilities in the web interface of OpenText Content Server Version 20.3. The application allows a remote attacker to introduce arbitrary JavaScript by crafting malicious form values that are later not sanitized...

CVE-2024-12862

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...

CVE-2024-12862

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...

CVE-2024-12862 REST API allows users without permissions to remove external collaborators

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...

CVE-2024-12862

CVE-2024-12862 describes an Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows and Linux, allowing users without proper permissions to remove external collaborators. Affected versions: Content Server 20.2–24.4. CVSS v4.0 base score 5.5 (Medium). No public exp...

CVE-2024-12862 REST API allows users without permissions to remove external collaborators

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...

PT-2025-17436 · Opentext · Opentext Content Server

Name of the Vulnerable Software and Affected Versions: OpenText Content Server versions 20.2 through 24.4 Description: The issue is related to an Incorrect Authorization vulnerability in the OpenText Content Server REST API, allowing users without the appropriate permissions to remove external...

OpenText Content Server 安全漏洞

OpenText Content Server is an enterprise content management software from OpenText Canada. A security vulnerability exists in OpenText Content Server versions 20.2 through 24.4, which stems from improper authorization of the REST API and could result in an unprivileged user deleting external...

OpenText Extended ECM 22.3 Java Frontend Remote Code Execution Vulnerability

======================================================================= title: Pre-authenticated Remote Code Execution via Java frontend and QDS endpoint product: OpenText™ Content Server component of OpenText™ Extended ECM vulnerable version: 20.4 - 22.3 fixed version: 22.4 CVE number:...

OpenText Content Server 'multiple' Cross-Site Scripting Vulnerability

OpenText Content Server is a secure enterprise mobile content management system. A cross-site scripting vulnerability exists in OpenText Content Server 'multiple', which can be exploited by a remote attacker to introduce arbitrary JavaScript by creating malicious form values that will not be...

CVE-2021-3010

There are multiple persistent cross-site scripting XSS vulnerabilities in the web interface of OpenText Content Server Version 20.3. The application allows a remote attacker to introduce arbitrary JavaScript by crafting malicious form values that are later not sanitized...

Cross site scripting

There are multiple persistent cross-site scripting XSS vulnerabilities in the web interface of OpenText Content Server Version 20.3. The application allows a remote attacker to introduce arbitrary JavaScript by crafting malicious form values that are later not sanitized...

CVE-2021-3010

OpenText Content Server 20.3 exposes a web interface vulnerability (CVE-2021-3010) where un sanitized form values allow persistent cross-site scripting. Root cause: insufficient input sanitization on user-submitted form data in the web UI, enabling arbitrary JavaScript execution by remote attacke...

OpenText 跨站脚本漏洞

OpenText Content Server is a secure enterprise mobile content management system. A cross-site scripting vulnerability exists in OpenText Content Server 'multiple', which can be exploited by a remote attacker to introduce arbitrary JavaScript by creating malicious form values that will not be...

OpenText Content Server 20.3 Cross Site Scripting

Exploit Title: OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting Date: 19/02/2021 Exploit Author: Kamil Breński Vendor Homepage: https://www.opentext.com/ Software Link: https://www.opentext.com/products-and-solutions/products/enterprise-content-management/content-management...

CVE-2017-15276

OpenText Documentum Content Server formerly EMC Documentum Content Server through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches TAR archives. When unpacking TAR archives, Content Server...

CVE-2017-15013

OpenText Documentum Content Server formerly EMC Documentum Content Server through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmrcontent objects, which are queryable and "editable...

CVE-2017-15013

OpenText Documentum Content Server formerly EMC Documentum Content Server through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmrcontent objects, which are queryable and "editable...