XSS Vulnerability in OpenText Advance Authentication
CVE-2024-10865

9.4CRITICAL

Key Information:

Vendor: Opentext
Status: Advance Authentication
Vendor: CVE Published:; 14 May 2025

What is CVE-2024-10865?

The vulnerability arises from improper input validation in OpenText Advance Authentication, potentially allowing attackers to execute arbitrary scripts in the context of the user's browser. This can lead to significant security risks including data theft and unauthorized access. Affected versions prior to 6.5 are particularly vulnerable, emphasizing the need for immediate updates to enhance security protocols.

Affected Version(s)

Advance Authentication Linux 6.5

References

https://www.netiq.com/documentation/advanced-authenticati...

CVSS V4

Score:

9.4

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2025
Vulnerability Reserved
Nov 5, 2024

Opentext

What is CVE-2024-10865?

Affected Version(s)

References

CVSS V4

Timeline