101 matches found
CVE-2021-3010
There are multiple persistent cross-site scripting XSS vulnerabilities in the web interface of OpenText Content Server Version 20.3. The application allows a remote attacker to introduce arbitrary JavaScript by crafting malicious form values that are later not sanitized...
CVE-2024-12863
Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system...
CVE-2024-12543
User Enumeration and Data Integrity in Barcode functionality in OpenText Content Management versions 24.3-25.1on Windows and Linux allows a malicous authenticated attacker to potentially alter barcode attributes...
CVE-2024-12862
Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...
CVE-2024-12543
User Enumeration and Data Integrity in Barcode functionality in OpenText Content Management versions 24.3-25.1on Windows and Linux allows a malicous authenticated attacker to potentially alter barcode attributes...
CVE-2024-12863
Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system...
CVE-2024-12862
Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...
CVE-2024-12543 A user enumeration and subsequent data integrity vulnerability affecting barcode functionality
User Enumeration and Data Integrity in Barcode functionality in OpenText Content Management versions 24.3-25.1on Windows and Linux allows a malicous authenticated attacker to potentially alter barcode attributes...
CVE-2024-12543
OpenText Content Management 24.3–25.1 on Windows and Linux is affected by CVE-2024-12543, a user-enumeration and data-integrity issue in the barcode functionality that could allow a malicious authenticated attacker to alter barcode attributes. Affected component is the barcode handling path; root...
CVE-2024-12543 A user enumeration and subsequent data integrity vulnerability affecting barcode functionality
User Enumeration and Data Integrity in Barcode functionality in OpenText Content Management versions 24.3-25.1on Windows and Linux allows a malicous authenticated attacker to potentially alter barcode attributes...
CVE-2024-12863 Stored XSS in Discussions functionality
Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system...
CVE-2024-12863
CVE-2024-12863 corresponds to a Stored XSS flaw in OpenText Content Management CE (versions 20.2–25.1) within the Discussions feature. Affected software is OpenText Content Management CE on Windows and Linux. The root cause is stored cross-site scripting in the Discussions module, exploitable by ...
CVE-2024-12863 Stored XSS in Discussions functionality
Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system...
CVE-2024-12862 REST API allows users without permissions to remove external collaborators
Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...
CVE-2024-12862
CVE-2024-12862 describes an Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows and Linux, allowing users without proper permissions to remove external collaborators. Affected versions: Content Server 20.2–24.4. CVSS v4.0 base score 5.5 (Medium). No public exp...
CVE-2024-12862 REST API allows users without permissions to remove external collaborators
Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4...
PT-2025-17443 · Opentext · Opentext Content Management
Name of the Vulnerable Software and Affected Versions: OpenText Content Management CE versions 20.2 through 25.1 Description: The issue allows authenticated malicious users to inject code into the system through a Stored XSS in Discussions. This affects OpenText Content Management CE on both...
PT-2025-17436 · Opentext · Opentext Content Server
Name of the Vulnerable Software and Affected Versions: OpenText Content Server versions 20.2 through 24.4 Description: The issue is related to an Incorrect Authorization vulnerability in the OpenText Content Server REST API, allowing users without the appropriate permissions to remove external...
OpenText Content Management CE 跨站脚本漏洞
OpenText Content Management CE is an enterprise content management solution from OpenText Canada. A cross-site scripting vulnerability exists in OpenText Content Management CE versions 20.2 through 25.1, which stems from stored cross-site scripting in the Discussions feature that could lead to co...
OpenText Content Server 安全漏洞
OpenText Content Server is an enterprise content management software from OpenText Canada. A security vulnerability exists in OpenText Content Server versions 20.2 through 24.4, which stems from improper authorization of the REST API and could result in an unprivileged user deleting external...