Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

OpenText — Vulnerabilities & Security Advisories 144

Browse all 144 CVE security advisories affecting OpenText. AI-powered Chinese analysis, POCs, and references for each vulnerability.

OpenText operates as a global enterprise information management provider, offering solutions for content management, digital asset management, and analytics. Its extensive software portfolio, including Content Server and Exstream, has historically been a frequent target for security researchers, resulting in a significant number of recorded Common Vulnerabilities and Exposures. The most prevalent vulnerability classes affecting these platforms include remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation or improper access controls. While the company maintains standard security protocols, the sheer volume of its legacy and integrated applications creates a broad attack surface. Recent incidents highlight the critical need for rigorous patch management and continuous monitoring to mitigate risks associated with these complex enterprise systems, ensuring that sensitive data remains protected against evolving cyber threats.

Top products by OpenText: Brava! Desktop iManager NetIQ Advance Authentication eDirectory Flipper AppBuilder OpenText Application Automation Tools ArcSight Enterprise Security Manager Privileged Access Manager ArcSight Intelligence OpenText Content Management NetIQ Access Manager Secure Content Manager OpenText Directory Services Self Service Password Reset Performance Center Dimensions RM ArcSight Management Center PVCS Version Manager Advance Authentication Advanced Authentication OpenText Enterprise Security Manager Identity Manager AzureAD Driver NetIQ Directory and Resource Administrator Identity Manager Advanced Edition Content Server Identity Manager IDM Driver and Extensions Identity Manager REST Driver 1.1.2.0200 Operations Agent
CVE IDTitleCVSSSeverityPublished
CVE-2026-2123 Privilege escalation vulnerability in Operations Agent — Operations AgentCWE-280 7.8 -2026-03-31
CVE-2024-11604 Insertion of Sensitive Information into Log File — IDM Driver and ExtensionsCWE-532 5.5 -2026-03-27
CVE-2025-13478 Cache Misconfiguration Leading to Cross-User Data Exposure — Identity ManagerCWE-522 3.1 -2026-03-27
CVE-2025-8050 External Control of File vulnerability has been discovered in opentext Flipper. — FlipperCWE-73 6.5AIMediumAI2025-10-21
CVE-2025-8052 HQL Injection vulnerability has been discovered in Opentext Flipper. — FlipperCWE-564 8.1AIHighAI2025-10-20
CVE-2025-8048 External Control of File path vulnerability has been discovered on Openext Flipper. — FlipperCWE-73 6.5AIMediumAI2025-10-20
CVE-2025-8049 Insufficient Access Control vulnerability has been discovered in OpenText Flipper. — FlipperCWE-1220 7.8AIHighAI2025-10-20
CVE-2025-8051 Path traversal validation vulnerability has been discovered in opentext Flipper. — FlipperCWE-35 6.5AIMediumAI2025-10-20
CVE-2025-8053 Insufficient access control vulnerability has been discovered in Opentext Flipper. — FlipperCWE-1220 8.8AIHighAI2025-10-20
CVE-2025-8716 Cache exploitation vulnerability — OpenText Content ManagementCWE-754 6.5AIMediumAI2025-09-11
CVE-2025-5808 Authentication Bypass vulnerability discovered in the OpenText™ Self-Service Password Reset — Self Service Password ResetCWE-1284 9.8 -2025-08-29
CVE-2025-3478 OpenText Enterprise Security Manager Stored XSS — OpenText Enterprise Security ManagerCWE-79 5.4AIMediumAI2025-08-25
CVE-2025-8997 OpenText Enterprise Security Manager Information Exposure — OpenText Enterprise Security ManagerCWE-598 7.5AIHighAI2025-08-25
CVE-2025-8616 Malicious browser plugins may cause Authentication replay attack vulnerability to bypass authentication in OpenText Advanced Authentication — Advanced AuthenticationCWE-294 9.8AICriticalAI2025-08-06
CVE-2025-2236 Exposure of Sensitive System Information vulnerability during configuration affecting OpenText Advanced Authentication. — Advanced AuthenticationCWE-497 9.1AICriticalAI2025-05-27
CVE-2024-10865 Reflected Cross-Site Scripting vulnerability in OpenText Advanced Authentication — Advance AuthenticationCWE-79 6.1AIMediumAI2025-05-14
CVE-2024-10864 SQL Injection vulnerability has been discovered in OpenText™ Advanced Authentication. — Advance AuthenticationCWE-89 9.8AICriticalAI2025-05-14
CVE-2024-12543 A user enumeration and subsequent data integrity vulnerability affecting barcode functionality — OpenText Content ManagementCWE-841 4.3 -2025-04-21
CVE-2024-12863 Stored XSS in Discussions functionality — OpenText Content ManagementCWE-79 5.4 -2025-04-21
CVE-2025-2517 Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager — ArcSight Enterprise Security ManagerCWE-672 9.8 -2025-04-21
CVE-2024-12862 REST API allows users without permissions to remove external collaborators — Content ServerCWE-863 4.3 -2025-04-21
CVE-2024-12530 Insecure Dynamic-Link Library (DLL) Load vulnerability — Secure Content ManagerCWE-427 7.8AIHighAI2025-04-17
CVE-2024-12799 Insufficiently Protected Credentials — Identity Manager Advanced EditionCWE-522 9.1 -2025-03-05
CVE-2024-12111 Potential LDAP injection vulnerability in OpenText Privileged Access Manager — Privileged Access ManagerCWE-77 8.0 High2024-12-19
CVE-2024-10863 Client-side audit exclusion vulnerability — Secure Content ManagerCWE-778 5.3 -2024-11-22
CVE-2021-38116 Possible Command injection Vulnerability in OpenText iManager — iManagerCWE-77 8.8 High2024-11-22
CVE-2021-38117 Possible Remote Code Execution Vulnerability OpenText iManager — iManagerCWE-94 8.8 High2024-11-22
CVE-2021-38118 Possible Local Privilege Escalation Vulnerability in OpenText iManager — iManagerCWE-250 5.5 Medium2024-11-22
CVE-2021-38119 Possible Reflected Cross-Site Scripting (XSS) Vulnerability in OpenText iManager — iManagerCWE-79 6.1 Medium2024-11-22
CVE-2021-38134 Possible Reflected and Stored XSS in OpenText iManager — iManagerCWE-79 6.1 Medium2024-11-22

This page lists every published CVE security advisory associated with OpenText. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.