Opentext: Security Vulnerabilities
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal.
The vulnerability could allow a user to access files hosted on the server.
This issue affects Flipper: 3.1.2.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-10-21
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to submit a stored local file
path and then download the specified file from the system by requesting the
stored document ID.
This issue affects Flipper: 3.1.2.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-10-20
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low-privilege user to elevate privileges within the application.
This issue affects Flipper: 3.1.2.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-10-20
Path Traversal vulnerability in opentext Flipper allows Absolute Path Traversal.
The vulnerability could allow a user to access files hosted on the server.
This issue affects Flipper: 3.1.2.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-20
SQL Injection vulnerability in opentext Flipper allows SQL Injection.
The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor.
This issue affects Flipper: 3.1.2.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-10-20
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low privilege user to interact with the backend API without sufficient privileges.
This issue affects Flipper: 3.1.2.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-10-20
Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey.
This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-10-02
A vulnerability identified in OpenText™
Identity Manager AzureAD Driver that allows logging of sensitive information into log file. This impacts all versions before 5.1.4.0
CVSS Score
5.8
EPSS Score
0.0
Published
2024-09-12
Path Traversal vulnerability discovered in OpenText™ CX-E Voice,
affecting all version through 22.4. The vulnerability could allow arbitrarily access files on the system.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-08-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText OpenText Directory Services allows Path Traversal.This issue affects OpenText Directory Services: from 16.4.2 before 24.1.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-08-12
Page 1