HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2023-24466

CVSS 7.5v3.1pub. 2024-11-22upd. 2025-04-10

Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Microfocus Imanager

    APP
    Microfocus
    3.2.63.0 – 3.2.6 (bez)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
XXE
CWE
References

Related vulnerabilities

CVE-2022-26324HIGH7.6ten sam produkt

Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000.

CVE-2021-38116HIGH8.8ten sam produkt

Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This imp...

CVE-2021-38117HIGH8.8ten sam produkt

Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.

CVE-2021-38135HIGH8.6ten sam produkt

Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.000...

CVE-2023-24467HIGH8.8ten sam produkt

Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000.

CVE-2023-24466 — Microfocus — Imanager — HIGH — CVSS 7.5 | CVEbaza.pl