Microfocus: >> Operations Agent >> 12.25 Security Vulnerabilities
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Operations Agent.
The XSS vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local system.
This issue affects Operations Agent: 12.20, 12.21, 12.22, 12.23, 12.24, 12.25, 12.26.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-10-28
Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. The vulnerability could allow local privilege escalation.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-02-15