CVE-2021-3010

Name of the Vulnerable Software and Affected Versions OpenText Content Server version 20.3

Description The issue concerns multiple persistent cross-site scripting (XSS) vulnerabilities in the web interface. A remote attacker can introduce arbitrary JavaScript by crafting malicious form values that are later not sanitized.

Recommendations For OpenText Content Server version 20.3, consider implementing proper input sanitization for all form values to prevent the introduction of malicious JavaScript code. As a temporary workaround, restrict access to the web interface to minimize the risk of exploitation.