Improper Neutralization in OpenText Service Manager Reveals Sensitive Information
CVE-2025-0883
2.1LOW
Key Information:
- Vendor
- Opentext™
- Status
- Service Manager
- Vendor
- CVE Published:
- 12 March 2025
Summary
A vulnerability in OpenText Service Manager allows for improper neutralization of scripts within error message web pages. This flaw can lead to the unintended disclosure of sensitive information stored in the user's browser. As a result, attackers might exploit this weakness to gain access to confidential data, emphasizing the importance of implementing robust security measures.
Affected Version(s)
Service Manager 9.70
Service Manager 9.71
Service Manager 9.72
References
CVSS V4
Score:
2.1
Severity:
LOW
Confidentiality:
Low
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown
Timeline
Vulnerability published
Vulnerability Reserved