4 matches found
OpenText Extended ECM 22.3 File Deletion / LFI / Privilege Escsalation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple post-authentication vulnerabilities including RCE product: OpenText™ Content Server component of OpenText™ Extended ECM vulnerable version: 16.2.2 - 22.3 fixed...
CVE-2022-45925
An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The action xmlexport accepts the parameter requestContext. If this parameter is present, the response includes most of the HTTP headers sent to the server and some of the CGI variables like remoteadde and servername,...
CVE-2022-45925
CVE-2022-45925 affects OpenText Content Suite Platform 22.1 (16.2.19.1803). The vulnerability arises in the action xmlexport when the parameter requestContext is present; the response may disclose most HTTP headers and certain CGI variables (e.g., remote_adde, server_name), constituting an inform...
CVE-2022-45925
An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The action xmlexport accepts the parameter requestContext. If this parameter is present, the response includes most of the HTTP headers sent to the server and some of the CGI variables like remoteadde and servername,...