CVE-2025-8048

Medium CVSS: 5.3

External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to submit a stored local file
path and then download the specified file from the system by requesting the
stored document ID.

This issue affects Flipper: 3.1.2.

Vendor

Opentext

Product

Flipper

CWE

CWE-73

Yayın Tarihi

2025-10-20 20:15:38

Güncelleme

2025-10-28 16:12:50

Source Identifier

security@opentext.com

KEV Date Added

Kategoriler

CWE-73 Flipper MEDIUM Opentext 2025

Referanslar

https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0850531

Benzer Kayıtlar

High

CVE-2026-3278

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ ZENworks…

High

CVE-2026-3266

Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerability could allow unauth…

High

CVE-2025-13672

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ W…

High

CVE-2025-8054

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText™ XM Fax allows…

Medium

CVE-2025-8055

Server-Side Request Forgery (SSRF) vulnerability in OpenText™ XM Fax allows Server Side Request Forgery. The vulnerabi…

High

CVE-2025-9208

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ W…