CVE-2025-8049

Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low-privilege user to elevate privileges within the application. This issue affects Flipper: 3.1.2...

CVE-2025-8053

Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low privilege user to interact with the backend API without sufficient privileges. This issue affects Flipper: 3.1....

CVE-2025-8050

External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2...

CVE-2025-8050 External Control of File vulnerability has been discovered in opentext Flipper.

External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2...

EUVD-2025-35109

Path Traversal vulnerability in opentext Flipper allows Absolute Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2...

CVE-2025-8053

Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low privilege user to interact with the backend API without sufficient privileges. This issue affects Flipper: 3.1....

CVE-2025-8052

SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2...

CVE-2025-8052

CVE-2025-8052 affects OpenText Flipper 3.1.2. The vulnerability is a SQL Injection via the HQL processor that could let a low-privilege user interact with the database and extract data. The available connected sources consistently describe the impact as SQL injection with high confidentiality/int...

CVE-2025-8052 HQL Injection vulnerability has been discovered in Opentext Flipper.

SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2...

OpenText Flipper 安全漏洞

OpenText Flipper is a vendor self-submission invoice portal extension package from OpenText Canada. A security vulnerability exists in OpenText Flipper version 3.1.2, which stems from a low-privileged user being able to interact with the database via the HQL processor, potentially leading to an S...