Microfocus: Security Vulnerabilities
A security audit identified a privilege escalation
vulnerability in Operations Agent(<=OA 12.29) on Windows. Under specific conditions
Operations Agent may run executables from specific writeable locations.Thanks to Manuel Rickli & Philippe Leiser of
Oneconsult AG for reporting this vulnerability
CVSS Score
8.6
EPSS Score
0.0
Published
2026-03-31
Possible Reflected Cross-Site Scripting (XSS) Vulnerability
in iManager has been discovered in
OpenText™ iManager 3.2.4.0000.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-11-22
Possible XSS in iManager URL for access Component has been discovered in
OpenText™ iManager 3.2.5.0000.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-11-22
Possible
External Service Interaction attack
in iManager has been discovered in
OpenText™ iManager 3.2.6.0000.
CVSS Score
8.6
EPSS Score
0.001
Published
2024-11-22
Possible XSS in iManager URL for access Component has been discovered in
OpenText™ iManager 3.2.6.0000.
CVSS Score
7.6
EPSS Score
0.001
Published
2024-11-22
Possible XML External Entity Injection
in iManager GET parameter has been discovered in
OpenText™ iManager 3.2.6.0200.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-11-22
Possible Command Injection
in iManager GET parameter has been discovered in
OpenText™ iManager 3.2.6.0000.
CVSS Score
8.8
EPSS Score
0.007
Published
2024-11-22
Possible Elevation of Privilege Vulnerability
in iManager has been discovered in
OpenText™ iManager. This impacts all versions before 3.2.5
CVSS Score
8.8
EPSS Score
0.002
Published
2024-11-22
Possible Command injection Vulnerability
in iManager has been discovered in
OpenText™ iManager 3.2.4.0000.
CVSS Score
8.8
EPSS Score
0.008
Published
2024-11-22
Possible improper input validation Vulnerability
in iManager has been discovered in
OpenText™ iManager 3.2.4.0000.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-11-22
Page 1