CVE-2025-13671

Medium CVSS: 5.9

Cross-Site Request Forgery (CSRF) vulnerability in OpenText™ Web Site Management Server allows Cross Site Request Forgery. The vulnerability could make a user, with active session inside the product, click on a page that contains this malicious HTML triggering to perform changes unconsciously.

This issue affects Web Site Management Server: 16.7.0, 16.7.1.

Vendor

Opentext

Product

Web Site Management Server

CWE

CWE-352

Yayın Tarihi

2026-02-19 23:16:14

Güncelleme

2026-02-27 23:56:23

Source Identifier

security@opentext.com

KEV Date Added

Kategoriler

CWE-352 Web Site Management Server MEDIUM Opentext 2026

Referanslar

https://support.opentext.com/csm/en?id=ot_kb_unauthenticated&sysparm_article=KB0854846 https://github.com/MarioTesoro/vulnerability-research/blob/main/CVE-2025-13671/README.md

Benzer Kayıtlar

High

CVE-2026-3278

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ ZENworks…

High

CVE-2026-3266

Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerability could allow unauth…

High

CVE-2025-13672

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ W…

High

CVE-2025-8054

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText™ XM Fax allows…

Medium

CVE-2025-8055

Server-Side Request Forgery (SSRF) vulnerability in OpenText™ XM Fax allows Server Side Request Forgery. The vulnerabi…

High

CVE-2025-9208

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ W…