CVE-2022-26328 – User enumeration vulnerability has been discovered in OpenTextâ„¢ Performance Center
https://notcve.org/view.php?id=CVE-2022-26328
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText Performance Center on Windows allows Cross-Site Scripting (XSS).This issue affects Performance Center: 12.63. • https://portal.microfocus.com/s/article/KM000032041?language=en_US • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-7249
https://notcve.org/view.php?id=CVE-2023-7249
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText OpenText Directory Services allows Path Traversal.This issue affects OpenText Directory Services: from 16.4.2 before 24.1. • https://support.opentext.com/csm?id=kb_article_view&sysparm_article=KB0807814 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-6357 – Insecure Direct Object Reference vulnerability
https://notcve.org/view.php?id=CVE-2024-6357
Insecure Direct Object Reference vulnerability identified in OpenText ArcSight Intelligence. • https://portal.microfocus.com/s/article/KM000032593 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVE-2024-6359 – Privilege escalation vulnerability
https://notcve.org/view.php?id=CVE-2024-6359
Privilege escalation vulnerability identified in OpenText ArcSight Intelligence. • https://portal.microfocus.com/s/article/KM000032594 • CWE-269: Improper Privilege Management •
CVE-2024-6358 – Incorrect Authorization vulnerability
https://notcve.org/view.php?id=CVE-2024-6358
Incorrect Authorization vulnerability identified in OpenText ArcSight Intelligence. • https://portal.microfocus.com/s/article/KM000032595 • CWE-863: Incorrect Authorization •