CVE-2023-24466

Name of the Vulnerable Software and Affected Versions OpenText iManager version 3.2.6.0200

Description A possible XML External Entity Injection issue has been discovered in the iManager GET parameter. This could potentially allow for malicious activities.

Recommendations For OpenText iManager version 3.2.6.0200, consider restricting access to the iManager GET parameter until a patch is available. As a temporary workaround, avoid using the vulnerable parameter in the affected API endpoint. At the moment, there is no information about a newer version that contains a fix for this vulnerability.