Lucene search
K

101 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:29 p.m.10 views

CVE-2021-3010

There are multiple persistent cross-site scripting XSS vulnerabilities in the web interface of OpenText Content Server Version 20.3. The application allows a remote attacker to introduce arbitrary JavaScript by crafting malicious form values that are later not sanitized...

5.4CVSS6.1AI score0.00862EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/26 4:50 a.m.13 views

CVE-2024-12863

Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system...

5.6CVSS5.9AI score0.00314EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 9:17 p.m.13 views

CVE-2024-12543

User Enumeration and Data Integrity in Barcode functionality in OpenText Content Management versions 24.3-25.1on Windows and Linux allows a malicous authenticated attacker to potentially alter barcode attributes...

5.9CVSS6.8AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 9:15 p.m.8 views

CVE-2024-12862

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...

5.5CVSS6.9AI score0.0024EPSS
Exploits0References1
NVD
NVD
added 2025/04/21 4:15 p.m.42 views

CVE-2024-12543

User Enumeration and Data Integrity in Barcode functionality in OpenText Content Management versions 24.3-25.1on Windows and Linux allows a malicous authenticated attacker to potentially alter barcode attributes...

5.9CVSS0.00274EPSS
Exploits0References1
NVD
NVD
added 2025/04/21 3:15 p.m.23 views

CVE-2024-12863

Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system...

5.6CVSS0.00314EPSS
Exploits0References1
NVD
NVD
added 2025/04/21 3:15 p.m.13 views

CVE-2024-12862

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...

5.5CVSS0.0024EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/21 3:14 p.m.35 views

CVE-2024-12543 A user enumeration and subsequent data integrity vulnerability affecting barcode functionality

User Enumeration and Data Integrity in Barcode functionality in OpenText Content Management versions 24.3-25.1on Windows and Linux allows a malicous authenticated attacker to potentially alter barcode attributes...

5.9CVSS0.00274EPSS
Exploits0References1
CVE
CVE
added 2025/04/21 3:14 p.m.58 views

CVE-2024-12543

OpenText Content Management 24.3–25.1 on Windows and Linux is affected by CVE-2024-12543, a user-enumeration and data-integrity issue in the barcode functionality that could allow a malicious authenticated attacker to alter barcode attributes. Affected component is the barcode handling path; root...

5.9CVSS6.4AI score0.00274EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/21 3:14 p.m.12 views

CVE-2024-12543 A user enumeration and subsequent data integrity vulnerability affecting barcode functionality

User Enumeration and Data Integrity in Barcode functionality in OpenText Content Management versions 24.3-25.1on Windows and Linux allows a malicous authenticated attacker to potentially alter barcode attributes...

5.9CVSS6.4AI score0.00274EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/21 3:13 p.m.11 views

CVE-2024-12863 Stored XSS in Discussions functionality

Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system...

5.6CVSS5.7AI score0.00314EPSS
Exploits0References1
CVE
CVE
added 2025/04/21 3:13 p.m.69 views

CVE-2024-12863

CVE-2024-12863 corresponds to a Stored XSS flaw in OpenText Content Management CE (versions 20.2–25.1) within the Discussions feature. Affected software is OpenText Content Management CE on Windows and Linux. The root cause is stored cross-site scripting in the Discussions module, exploitable by ...

5.6CVSS5.7AI score0.00314EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/21 3:13 p.m.26 views

CVE-2024-12863 Stored XSS in Discussions functionality

Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system...

5.6CVSS0.00314EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/21 2:22 p.m.19 views

CVE-2024-12862 REST API allows users without permissions to remove external collaborators

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...

5.5CVSS0.0024EPSS
Exploits0References1
CVE
CVE
added 2025/04/21 2:22 p.m.1280 views

CVE-2024-12862

CVE-2024-12862 describes an Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows and Linux, allowing users without proper permissions to remove external collaborators. Affected versions: Content Server 20.2–24.4. CVSS v4.0 base score 5.5 (Medium). No public exp...

5.5CVSS6.5AI score0.0024EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/21 2:22 p.m.10 views

CVE-2024-12862 REST API allows users without permissions to remove external collaborators

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...

5.5CVSS7.1AI score0.0024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/21 12:0 a.m.5 views

PT-2025-17443 · Opentext · Opentext Content Management

Name of the Vulnerable Software and Affected Versions: OpenText Content Management CE versions 20.2 through 25.1 Description: The issue allows authenticated malicious users to inject code into the system through a Stored XSS in Discussions. This affects OpenText Content Management CE on both...

5.6CVSS5.6AI score0.00314EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/21 12:0 a.m.8 views

PT-2025-17436 · Opentext · Opentext Content Server

Name of the Vulnerable Software and Affected Versions: OpenText Content Server versions 20.2 through 24.4 Description: The issue is related to an Incorrect Authorization vulnerability in the OpenText Content Server REST API, allowing users without the appropriate permissions to remove external...

5.5CVSS6.4AI score0.0024EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/04/21 12:0 a.m.5 views

OpenText Content Management CE 跨站脚本漏洞

OpenText Content Management CE is an enterprise content management solution from OpenText Canada. A cross-site scripting vulnerability exists in OpenText Content Management CE versions 20.2 through 25.1, which stems from stored cross-site scripting in the Discussions feature that could lead to co...

5.6CVSS6.4AI score0.00314EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/21 12:0 a.m.6 views

OpenText Content Server 安全漏洞

OpenText Content Server is an enterprise content management software from OpenText Canada. A security vulnerability exists in OpenText Content Server versions 20.2 through 24.4, which stems from improper authorization of the REST API and could result in an unprivileged user deleting external...

5.5CVSS6.7AI score0.0024EPSS
Exploits0References1
Rows per page
Query Builder