CVE-2024-4187

Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1 and 24.2. The vulnerability could cause users to not be warned when clicking links to external sites.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:opentext:filr:24.1.1:*:*:*:*:*:*:*
cpe:2.3:a:opentext:filr:24.2:*:*:*:*:*:*:*

History

15 Aug 2024, 14:45

Type Values Removed Values Added
First Time Opentext
Opentext filr
CWE CWE-79
References () https://portal.microfocus.com/s/article/KM000032291 - () https://portal.microfocus.com/s/article/KM000032291 - Vendor Advisory
CPE cpe:2.3:a:opentext:filr:24.1.1:*:*:*:*:*:*:*
cpe:2.3:a:opentext:filr:24.2:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4

01 Aug 2024, 12:42

Type Values Removed Values Added
Summary
  • (es) Se descubrió una vulnerabilidad de XSS almacenado en el producto OpenText™ Filr, que afecta a las versiones 24.1.1 y 24.2. La vulnerabilidad podría hacer que los usuarios no reciban advertencias al hacer clic en enlaces a sitios externos.

31 Jul 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-31 21:15

Updated : 2024-08-15 14:45


NVD link : CVE-2024-4187

Mitre link : CVE-2024-4187

CVE.ORG link : CVE-2024-4187


JSON object : View

Products Affected

opentext

  • filr
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-356

Product UI does not Warn User of Unsafe Actions