Blaine Herro

**Name of the Vulnerable Software and Affected Versions** OpenText iManager version 3.2.6.0200 **Description** The issue is related to an XML External Entity injection, which could lead to remote code execution by parsing untrusted XML payload. **Recommendations** For OpenText iManager version 3.2.6.0200, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenText iManager version 3.2.6.0200 **Description** A Cross-Site Request Forgery issue has been discovered, which could lead to sensitive information disclosure. **Recommendations** For OpenText iManager version 3.2.6.0200, update to a version that contains a fix for this issue, as no specific workaround is provided in the available data.

**Name of the Vulnerable Software and Affected Versions** OpenText iManager version 3.2.6.0200 **Description** A Server Side Request Forgery issue has been discovered, which could lead to sensitive information disclosure. **Recommendations** For OpenText iManager version 3.2.6.0200, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenText iManager version 3.2.6.0200 **Description** The issue is related to an XML External Entity injection, which could lead to information disclosure and remote code execution. **Recommendations** For OpenText iManager version 3.2.6.0200, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenText iManager version 3.2.6.0200 **Description** A Broken Authentication issue has been discovered, allowing an attacker to manipulate certain parameters to bypass authentication. **Recommendations** For OpenText iManager version 3.2.6.0200, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenText iManager version 3.2.6.0200 **Description** A Remote Code Execution issue has been discovered, which can trigger command injection and insecure deserialization issues. **Recommendations** For OpenText iManager version 3.2.6.0200, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** OpenText iManager version 3.2.6.0200 **Description** A remote code execution issue has been discovered, which can trigger remote code execution using unsafe Java object deserialization. **Recommendations** For OpenText iManager version 3.2.6.0200, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** OpenText iManager version 3.2.6.0200 **Description** A remote code execution issue has been discovered, allowing for the execution of remote code through a custom file upload task. **Recommendations** For OpenText iManager version 3.2.6.0200, consider restricting access to the custom file upload task until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** OpenText iManager version 3.2.6.0200 **Description** A Server Side Request Forgery vulnerability has been discovered, which could lead to sensitive information disclosure by directory traversal. **Recommendations** For OpenText iManager version 3.2.6.0200, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenText iManager version 3.2.6.0200 **Description** The issue is related to a File Upload vulnerability in an unauthenticated session, which could allow an attacker to upload a file without authentication. **Recommendations** For OpenText iManager version 3.2.6.0200, consider restricting file upload functionality until a patch is available. As a temporary workaround, restrict access to the file upload feature to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenText iManager version 3.2.6.0200 **Description** A Path Traversal issue has been found in OpenText iManager, which can lead to privilege escalation or file disclosure. **Recommendations** For OpenText iManager version 3.2.6.0200, at the moment, there is no information about a newer version that contains a fix for this vulnerability.