Improper Input Validation in OpenText Self Service Password Reset
CVE-2025-5808

7.3HIGH

Key Information:

Vendor: Opentext
Status: Self Service Password Reset
Vendor: CVE Published:; 29 August 2025

What is CVE-2025-5808?

The OpenText Self Service Password Reset product is susceptible to an improper input validation vulnerability that allows attackers to bypass authentication mechanisms. This vulnerability affects versions prior to the 4.8 patch 3 release, posing significant risks for user account security. Users are urged to update their systems promptly to mitigate potential exploitation.

Affected Version(s)

Self Service Password Reset Linux 4.8

References

https://docs.microfocus.com/doc/28/4.8/scrtyimpr

CVSS V4

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2025
Vulnerability Reserved
Jun 6, 2025

Opentext

What is CVE-2025-5808?

Affected Version(s)

References

CVSS V4

Timeline