CVE-2025-12453

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0...

PT-2026-25343

🚨 CVE-2025-12454 Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects...

CVE-2025-9208

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in OpenText™ Web Site Management Server allows Stored XSS. The vulnerability could execute malicious scripts on the client side when the download query parameter is removed from the file URL,...

CVE-2025-8055

Server-Side Request Forgery SSRF vulnerability in OpenText™ XM Fax allows Server Side Request Forgery. The vulnerability could allow an attacker to perform blind SSRF to other systems accessible from the XM Fax server. This issue affects XM Fax: 24.2...

CVE-2025-13671

Cross-Site Request Forgery CSRF vulnerability in OpenText™ Web Site Management Server allows Cross Site Request Forgery. The vulnerability could make a user, with active session inside the product, click on a page that contains this malicious HTML triggering to perform changes unconsciously. This...

EUVD-2024-55391

Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data. The vulnerability could read Vertica agent plaintext apikey.This issue affects Vertica versions: 23.X, 24.X, 25.X...

CVE-2025-11884 Cross-site Scripting vulnerability discovered in OpenText™ Universal Discovery and CMDB

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in opentext uCMDB allows Stored XSS. The vulnerability could allow an attacker has high level access to UCMDB to create or update data with malicious scripts This issue affects uCMDB: 24.4...

CVE-2025-11884

CVE-2025-11884 : OpenText uCMDB 24.4 is affected by a stored Cross-Site Scripting (XSS) vulnerability due to improper neutralization of input during web page generation. An attacker with high-level access to uCMDB can create or update data containing malicious scripts, which could be reflected or...

CVE-2025-8048

External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to submit a stored local file path and then download the specified file from the system by requesting the stored document ID. This issue affects Flipper: 3.1.2...

EUVD-2025-25228

Malicious code in bioql PyPI...

CVE-2025-54145

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme. This vulnerability was fixed in Firefox for iOS 141...

CVE-2025-54145

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme This vulnerability affects Firefox for iOS 141...

CVE-2025-54145 Scanning a malicious URL utilizing Firefox's open-text scheme with the QR code scanner could load arbitrary websites

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme. This vulnerability was fixed in Firefox for iOS 141...

PT-2025-31714 · Mozilla +1 · Firefox For Ios +9

Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 141 Description: The QR scanner component is susceptible to exploitation, potentially allowing malicious websites to be opened. This occurs when a user scans a specially crafted link utilizing Firefox's...

UBUNTU-CVE-2025-54145

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme. This vulnerability affects Firefox for iOS 141...

CVE-2025-3272 Incorrect user authorization vulnerability has been identified in Open Text Operations Bridge Manager.

Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability could allow authenticated users to change their password without providing their old password. This issue affects Operations Bridge Manager: 24.2, 24.4...

CVE-2025-3272 Incorrect user authorization vulnerability has been identified in Open Text Operations Bridge Manager.

Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability could allow authenticated users to change their password without providing their old password. This issue affects Operations Bridge Manager: 24.2, 24.4...

The vulnerability of the File.OpenText() function in the WhatsUp Gold network infrastructure monitoring system allows a intruder to gain unauthorized access to protected information.

The vulnerability of the File.OpenText function in the WhatsUp Gold network infrastructure monitoring system is related to an incorrect limitation on the path name to the restricted directory when processing the xmlName parameter. Exploiting this vulnerability can allow a malicious actor to gain...

CVE-2022-26324

Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000...

PT-2024-16600 · Opentext · Opentext Secure Content Manager

Name of the Vulnerable Software and Affected Versions: OpenText Secure Content Manager versions 10.1 through 24.3 Description: The issue is related to insufficient logging in OpenText Secure Content Manager on Windows, allowing audit log manipulation. This could potentially lead to undetected...