Vulnerability Details CVE-2022-45926
An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint notify.localizeEmailTemplate allows a low-privilege user to evaluate webreports.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 85.3%
CVSS Severity
CVSS v3 Score 8.8
References
- http://packetstormsecurity.com/files/170615/OpenText-Extended-ECM-22.3-File-Deletion-LFI-Privilege-Escsalation.html
- http://seclists.org/fulldisclosure/2023/Jan/14
- https://sec-consult.com/vulnerability-lab/advisory/multiple-post-authentication-vulnerabilities-including-rce-opentexttm-extended-ecm/
- http://packetstormsecurity.com/files/170615/OpenText-Extended-ECM-22.3-File-Deletion-LFI-Privilege-Escsalation.html
- http://seclists.org/fulldisclosure/2023/Jan/14
- https://sec-consult.com/vulnerability-lab/advisory/multiple-post-authentication-vulnerabilities-including-rce-opentexttm-extended-ecm/
Products affected by CVE-2022-45926
-
cpe:2.3:a:opentext:opentext_extended_ecm:20.4
-
cpe:2.3:a:opentext:opentext_extended_ecm:21.1
-
cpe:2.3:a:opentext:opentext_extended_ecm:22.1
-
cpe:2.3:a:opentext:opentext_extended_ecm:22.3