CVE-2025-8050
- EPSS 0.04%
- Veröffentlicht 21.10.2025 17:21:30
- Zuletzt bearbeitet 28.10.2025 16:16:46
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2.
CVE-2025-8052
- EPSS 0.05%
- Veröffentlicht 20.10.2025 19:57:34
- Zuletzt bearbeitet 28.10.2025 16:10:43
SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Fl...
CVE-2025-8048
- EPSS 0.04%
- Veröffentlicht 20.10.2025 19:56:29
- Zuletzt bearbeitet 28.10.2025 16:12:50
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to submit a stored local file path and then download the specified file from the system by requesting the stored docum...
CVE-2025-8049
- EPSS 0.06%
- Veröffentlicht 20.10.2025 19:56:20
- Zuletzt bearbeitet 28.10.2025 16:11:07
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low-privilege user to elevate privileges within the application. Th...
CVE-2025-8051
- EPSS 0.06%
- Veröffentlicht 20.10.2025 19:55:57
- Zuletzt bearbeitet 28.10.2025 16:14:35
Path Traversal vulnerability in opentext Flipper allows Absolute Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2.
CVE-2025-8053
- EPSS 0.05%
- Veröffentlicht 20.10.2025 19:55:17
- Zuletzt bearbeitet 28.10.2025 16:08:51
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low privilege user to interact with the backend API without sufficie...