PT-2025-11084 · Opentext · Opentext Service Manager
Published
2025-03-12
·
Updated
2025-03-12
·
CVE-2025-0883
CVSS v4.0
2.1
Low
| Vector | AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/S:P/AU:N/R:A/V:C/RE:M/U:Green |
Name of the Vulnerable Software and Affected Versions:
OpenText Service Manager versions 9.70 through 9.72
OpenText Service Manager version 9.80
Description:
The issue is related to an Improper Neutralization of Script in an Error Message Web Page, which could potentially reveal sensitive information retained by the browser.
Recommendations:
For OpenText Service Manager versions 9.70 through 9.72, update to a version that includes a fix for this issue.
For OpenText Service Manager version 9.80, update to a version that includes a fix for this issue.
As a temporary workaround, consider restricting access to error message web pages to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Opentext Service Manager