6 matches found
CVE-2025-8051
CVE-2025-8051 affects OpenText Flipper 3.1.2. The issue is a path traversal vulnerability that could allow an attacker to access files hosted on the server (absolute path traversal). The connected documents confirm the affected product and the vulnerability class but do not provide a specific fix...
CVE-2025-8052
CVE-2025-8052 affects OpenText Flipper 3.1.2. The vulnerability is a SQL Injection via the HQL processor that could let a low-privilege user interact with the database and extract data. The available connected sources consistently describe the impact as SQL injection with high confidentiality/int...
CVE-2025-8053
CVE-2025-8053 affects OpenText Flipper v3.1.2. The issue is an insufficient granularity of access control that could allow a low-privilege user to interact with the backend API without proper privileges. The vulnerability centers on how access controls are configured for Flipper’s backend API, en...
CVE-2025-8050
The CVE-2025-8050 entry concerns OpenText Flipper 3.1.2, described as External Control of File Name or Path leading to a Path Traversal vulnerability. The available documents identify that an attacker could leverage this flaw to access files stored on the server. The material does not provide spe...
CVE-2025-8048
CVE-2025-8048 : OpenText Flipper 3.1.2 is affected by an External Control of File Name or Path vulnerability leading to a path traversal issue. The issue allows an attacker to submit a stored local file path and then download the specified file from the system by requesting the stored document ID...
CVE-2025-8049
CVE-2025-8049 : OpenText Flipper (version 3.1.2) contains an Insufficient Granularity of Access Control vulnerability that could allow a low-privilege user to elevate privileges within the application. The issue is described across multiple sources (NVD, Red Hat, ENISA EUVD, etc.) as a privilege-...