1938 matches found
CVE-2023-4551
OpenText AppBuilder (Windows/Linux) is affected by CVE-2023-4551 due to improper input validation in the Scheduler functionality, enabling authenticated users to inject arbitrary OS commands into the running process. Affected versions are 21.2 through 23.2; published advisories indicate command i...
CVE-2023-4551 Command Injection via Task Scheduler
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows OS Command Injection. The AppBuilder's Scheduler functionality that facilitates creation of scheduled tasks is vulnerable to command injection. This allows authenticated users to inject arbitrary operating...
CVE-2023-4551 Command Injection via Task Scheduler
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows OS Command Injection. The AppBuilder's Scheduler functionality that facilitates creation of scheduled tasks is vulnerable to command injection. This allows authenticated users to inject arbitrary operating...
CVE-2023-4550
OpenText AppBuilder (Windows/Linux) is affected by CVE-2023-4550 due to improper input validation, enabling an unauthenticated or authenticated user to read arbitrary files on the server via a vulnerable AppBuilder page. Affected versions are 21.2 through 23.2. Remediation guidance in connected s...
CVE-2023-4550 Unauthenticated Arbitrary File Read
Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. Thi...
PT-2024-13248 · Opentext · Opentext Appbuilder
Name of the Vulnerable Software and Affected Versions: OpenText AppBuilder versions 21.2 through 23.2 Description: The issue is related to improper input validation, allowing an authenticated user with database creation or management privileges to exploit the AppBuilder server. This exploitation...
OpenText AppBuilder Security Vulnerability
OpenText AppBuilder is an application from OpenText Canada. A security vulnerability exists in OpenText AppBuilder versions 21.2 through 23.2 that stems from improper input validation and allows operating system command injection...
OpenText AppBuilder Security Vulnerability
OpenText AppBuilder is an application from OpenText Canada. A security vulnerability exists in OpenText AppBuilder versions 21.2 through 23.2 that originates from incorrect input validation and allows probing of system files...
OpenText AppBuilder Code Issue Vulnerability
OpenText AppBuilder is an application from OpenText Canada. A security vulnerability exists in OpenText AppBuilder versions 21.2 through 23.2, which originates from XML External Entity Injection and allows server-side requests to forge, probe system files...
OpenText AppBuilder Security Vulnerability
OpenText AppBuilder is an application from OpenText Canada. A security vulnerability exists in OpenText AppBuilder versions 21.2 through 23.2 that originates from incorrect input validation and allows probing of system files...
OpenText AppBuilder Security Vulnerability
OpenText AppBuilder is an application from OpenText Canada. A security vulnerability exists in OpenText AppBuilder versions 21.2 through 23.2, which arises from incorrect input validation, and an externally accessible file or directory vulnerability that allows probing of system files...
PT-2024-13246 · Opentext · Opentext Appbuilder
Name of the Vulnerable Software and Affected Versions: OpenText AppBuilder versions 21.2 through 23.2 Description: The issue allows an unauthenticated or authenticated user to abuse a page of AppBuilder to read arbitrary files on the server. This is due to improper input validation, making files ...
PT-2024-13247 · Opentext · Opentext Appbuilder
Name of the Vulnerable Software and Affected Versions: OpenText AppBuilder versions 21.2 through 23.2 Description: The issue is related to improper input validation in the OpenText AppBuilder's Scheduler functionality, which allows authenticated users to inject arbitrary operating system commands...
CVE-2023-5913
Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...
Privilege escalation
Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...
CVE-2023-5913
CVE-2023-5913 affects OpenText Fortify ScanCentral DAST. Root cause: Incorrect Privilege Assignment in the DAST API, enabling possible elevated privileges. Affected versions per sources: 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1 (PT-2023-8579 also lists 21.1 through 23.1). Impact: potential pr...
CVE-2023-5913 A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.
Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...
CVE-2023-5913 A potential Privilege Escalation vulnerability in opentext Fortify ScanCentral DAST API.
Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1...
CVE-2023-4964
Potential open redirect vulnerability in opentext Service Management Automation X SMAX versions 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11 and opentext Asset Management X AMX versions 2021.08, 2021.11, 2022.05, 2022.11. The vulnerability could allow attackers ...
CVE-2023-4964
Potential open redirect vulnerability in opentext Service Management Automation X SMAX versions 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11 and opentext Asset Management X AMX versions 2021.08, 2021.11, 2022.05, 2022.11. The vulnerability could allow attackers ...