SQL Injection Vulnerability in OpenText Flipper Product
CVE-2025-8052

1LOW

Key Information:

Vendor: Opentext
Status: Flipper
Vendor: CVE Published:; 20 October 2025

What is CVE-2025-8052?

A SQL Injection vulnerability in OpenText Flipper allows attackers with low privileges to exploit the HQL processor. This enables unauthorized interactions with the database, potentially leading to data extraction and manipulation. Such vulnerabilities pose serious risks to data integrity and confidentiality, necessitating prompt mitigation and security best practices.

Affected Version(s)

Flipper 3.1.2

References

https://support.opentext.com/csm?id=ot_kb_unauthenticated...

CVSS V4

Score:

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Oct 20, 2025
Vulnerability Reserved
Jul 22, 2025

Credit

Lockheed Martin Red Team

JSON