Cross-Site Scripting Vulnerability in OpenText Solutions Business Manager
CVE-2024-7085

8.2HIGH

Key Information:

Vendor: Opentext™
Status: Solutions Business Manager (sbm)
Vendor: CVE Published:; 15 January 2025

What is CVE-2024-7085?

An XSS vulnerability exists in OpenText Solutions Business Manager (SBM) that allows attackers to perform stored cross-site scripting, potentially leading to unauthorized access to private information. This vulnerability highlights the risk of improper input neutralization during web page generation, enabling malicious actors to inject harmful scripts that can compromise user data and application integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Solutions Business Manager (SBM) 0 <= 12.2.1

References

https://portal.microfocus.com/s/article/KM000036201?langu...

CVSS V4

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 15, 2025
Vulnerability Reserved
Jul 24, 2024

Credit

Wiktoria Lewandowska

JSON

Opentext™

What is CVE-2024-7085?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.