CVE-2025-8048

External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to submit a stored local file path and then download the specified file from the system by requesting the stored document ID. This issue affects Flipper: 3.1.2...

CVE-2025-8052

SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2...

CVE-2025-8052

CVE-2025-8052 affects OpenText Flipper 3.1.2. The vulnerability is a SQL Injection via the HQL processor that could let a low-privilege user interact with the database and extract data. The available connected sources consistently describe the impact as SQL injection with high confidentiality/int...

CVE-2025-8052 HQL Injection vulnerability has been discovered in Opentext Flipper.

SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2...

CVE-2025-8052 HQL Injection vulnerability has been discovered in Opentext Flipper.

SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2...

CVE-2025-8048 External Control of File path vulnerability has been discovered on Openext Flipper.

External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to submit a stored local file path and then download the specified file from the system by requesting the stored document ID. This issue affects Flipper: 3.1.2...

CVE-2025-8048 External Control of File path vulnerability has been discovered on Openext Flipper.

External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to submit a stored local file path and then download the specified file from the system by requesting the stored document ID. This issue affects Flipper: 3.1.2...

CVE-2025-8048

CVE-2025-8048 : OpenText Flipper 3.1.2 is affected by an External Control of File Name or Path vulnerability leading to a path traversal issue. The issue allows an attacker to submit a stored local file path and then download the specified file from the system by requesting the stored document ID...

CVE-2025-8049

CVE-2025-8049 : OpenText Flipper (version 3.1.2) contains an Insufficient Granularity of Access Control vulnerability that could allow a low-privilege user to elevate privileges within the application. The issue is described across multiple sources (NVD, Red Hat, ENISA EUVD, etc.) as a privilege-...

CVE-2025-8049 Insufficient Access Control vulnerability has been discovered in OpenText Flipper.

Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low-privilege user to elevate privileges within the application. This issue affects Flipper: 3.1.2...

CVE-2025-8049 Insufficient Access Control vulnerability has been discovered in OpenText Flipper.

Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low-privilege user to elevate privileges within the application. This issue affects Flipper: 3.1.2...

CVE-2025-8051 Path traversal validation vulnerability has been discovered in opentext Flipper.

Path Traversal vulnerability in opentext Flipper allows Absolute Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2...

CVE-2025-8051

CVE-2025-8051 affects OpenText Flipper 3.1.2. The issue is a path traversal vulnerability that could allow an attacker to access files hosted on the server (absolute path traversal). The connected documents confirm the affected product and the vulnerability class but do not provide a specific fix...

CVE-2025-8051 Path traversal validation vulnerability has been discovered in opentext Flipper.

Path Traversal vulnerability in opentext Flipper allows Absolute Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2...

CVE-2025-8053

CVE-2025-8053 affects OpenText Flipper v3.1.2. The issue is an insufficient granularity of access control that could allow a low-privilege user to interact with the backend API without proper privileges. The vulnerability centers on how access controls are configured for Flipper’s backend API, en...

CVE-2025-8053 Insufficient access control vulnerability has been discovered in Opentext Flipper.

Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low privilege user to interact with the backend API without sufficient privileges. This issue affects Flipper: 3.1....

CVE-2025-8053 Insufficient access control vulnerability has been discovered in Opentext Flipper.

Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low privilege user to interact with the backend API without sufficient privileges. This issue affects Flipper: 3.1....

OpenText Flipper 安全漏洞

OpenText Flipper is a vendor self-submission invoice portal extension package from OpenText Canada. A security vulnerability exists in OpenText Flipper version 3.1.2 that originates from an externally controlled filename or path and could lead to a path traversal attack...

OpenText Flipper 安全漏洞

OpenText Flipper is a vendor self-submission invoice portal extension package from OpenText Canada. A security vulnerability exists in OpenText Flipper version 3.1.2, which stems from insufficient access control granularity and could lead to a low-privileged user interacting with the back-end API...

OpenText Flipper 安全漏洞

OpenText Flipper is a vendor self-submission invoice portal extension package from OpenText Canada. A security vulnerability exists in OpenText Flipper version 3.1.2 that stems from vulnerability to an absolute path traversal attack that could lead to accessing files on the server...