Opentext Imanager
21 CVEs affecting Opentext Imanager. Latest disclosed: 2024-11-22. Critical: 0, High: 12.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-38116 | High | 8.8 | 2024-11-22 | Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This impacts all versions before 3.2.5 |
CVE-2021-38117 | High | 8.8 | 2024-11-22 | Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. |
CVE-2023-24467 | High | 8.8 | 2024-11-22 | Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000. |
CVE-2021-38135 | High | 8.6 | 2024-11-22 | Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000. |
CVE-2024-3969 | High | 7.8 | 2024-05-28 | XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML payload |
CVE-2024-3486 | High | 7.8 | 2024-05-15 | XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote code execution. |
CVE-2024-3483 | High | 7.8 | 2024-05-15 | Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger command injection and insecure deserialization issues… |
CVE-2024-3968 | High | 7.8 | 2024-05-15 | Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload task. |
CVE-2022-26324 | High | 7.6 | 2024-11-22 | Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000. |
CVE-2020-11859 | High | 7.6 | 2024-11-06 | Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3 |
CVE-2024-3967 | High | 7.6 | 2024-05-15 | Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object deser… |
CVE-2023-24466 | High | 7.5 | 2024-11-22 | Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200. |
CVE-2021-38119 | Medium | 6.1 | 2024-11-22 | Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. |
CVE-2021-38134 | Medium | 6.1 | 2024-11-22 | Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.5.0000. |
CVE-2024-3484 | Medium | 5.7 | 2024-05-15 | Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalation or file disclosure. |
CVE-2024-3488 | Medium | 5.6 | 2024-05-15 | File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file withou… |
CVE-2021-38118 | Medium | 5.5 | 2024-11-22 | Possible improper input validation Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. |
CVE-2024-4429 | Medium | 5.4 | 2024-05-28 | Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information disclosure. |
CVE-2024-3485 | Medium | 5.3 | 2024-05-15 | Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure. |
CVE-2024-3970 | Medium | 5.3 | 2024-05-15 | Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory… |