Stored Cross-Site Scripting Vulnerability in OpenText Enterprise Security Manager
CVE-2025-3478

8.5HIGH

Key Information:

Vendor

Opentext
Status
Opentext Enterprise Security Manager
Vendor
CVE Published:
25 August 2025

What is CVE-2025-3478?

A Stored Cross-Site Scripting (XSS) vulnerability has been discovered in OpenText Enterprise Security Manager. This issue allows attackers to exploit the application remotely, potentially leading to unauthorized actions or data exposure. Organizations utilizing this product should implement recommended mitigations promptly to safeguard against potential threats.

Affected Version(s)

OpenText Enterprise Security Manager 0

References

https://portal.microfocus.com/s/article/KM000042483
vendor-advisory

CVSS V4

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-3478 : Stored Cross-Site Scripting Vulnerability in OpenText Enterprise Security Manager