Cross-site Scripting Vulnerability in OpenText uCMDB
CVE-2025-11884
2.3LOW
What is CVE-2025-11884?
The vulnerability affecting OpenText uCMDB can lead to a Stored XSS attack due to improper neutralization of input during web page generation. This allows authorized users with elevated access to inject and execute malicious scripts, potentially compromising the integrity of the uCMDB environment and exposing sensitive data.
Affected Version(s)
uCMDB 24.4
References
CVSS V4
Score:
2.3
Severity:
LOW
Confidentiality:
Low
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Mateusz "MaTTallica" Klement