Version 3.0.0

CVE-2021-38116

Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This impacts all versions before 3.2.5

HIGH CVSS 8.8 Published Nov 22, 2024

CVE-2021-38117

Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.

HIGH CVSS 8.8 Published Nov 22, 2024

CVE-2021-38118

Possible improper input validation Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.

MEDIUM CVSS 5.5 Published Nov 22, 2024

CVE-2021-38119

Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.

MEDIUM CVSS 6.1 Published Nov 22, 2024

CVE-2021-38134

Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.5.0000.

MEDIUM CVSS 6.1 Published Nov 22, 2024

CVE-2021-38135

Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000.

HIGH CVSS 8.6 Published Nov 22, 2024

CVE-2022-26324

Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000.

HIGH CVSS 7.6 Published Nov 22, 2024

CVE-2023-24466

Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200.

HIGH CVSS 7.5 Published Nov 22, 2024

CVE-2023-24467

Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000.

HIGH CVSS 8.8 Published Nov 22, 2024

CVE-2024-4429

Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information disclosure.

MEDIUM CVSS 5.4 Published May 28, 2024

CVE-2024-3969

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML payload

HIGH CVSS 7.8 Published May 28, 2024

CVE-2024-3488

File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without authentication.

MEDIUM CVSS 5.6 Published May 15, 2024

CVE-2024-3487

Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication.

LOW CVSS 3.5 Published May 15, 2024

CVE-2024-3486

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote code execution.

HIGH CVSS 7.8 Published May 15, 2024

CVE-2024-3485

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure.

MEDIUM CVSS 5.3 Published May 15, 2024

CVE-2024-3484

Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalation or file disclosure.

MEDIUM CVSS 5.7 Published May 15, 2024

CVE-2024-3483

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger command injection and insecure deserialization issues.

HIGH CVSS 7.8 Published May 15, 2024

CVE-2024-3967

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object deserialization.

HIGH CVSS 7.6 Published May 15, 2024

CVE-2024-3968

Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload task.

HIGH CVSS 7.8 Published May 15, 2024

CVE-2024-3970

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory traversal.

MEDIUM CVSS 5.3 Published May 15, 2024