mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
113 lines
4.5 KiB
JSON
113 lines
4.5 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-5532",
|
|
"ASSIGNER": "security@opentext.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText\u2122 Operations Agent.\u00a0\n\nThe XSS vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local system. \n\nThis issue affects Operations Agent: 12.20, 12.21, 12.22, 12.23, 12.24, 12.25, 12.26."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
|
|
"cweId": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "OpenText\u2122",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Operations Agent",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "12.20"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "12.21"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "12.22"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "12.23"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "12.24"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "12.25"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "12.26"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://portal.microfocus.com/s/article/KM000035731?language=en_US",
|
|
"refsource": "MISC",
|
|
"name": "https://portal.microfocus.com/s/article/KM000035731?language=en_US"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.2.0"
|
|
},
|
|
"source": {
|
|
"discovery": "UNKNOWN"
|
|
},
|
|
"solution": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://portal.microfocus.com/s/article/KM000035731?language=en_US\">OpenText\u2122 Operations Agent (OA) Security Bulletin - A low severity stored XSS vulnerability has been discovered.</a>\n\n<br>"
|
|
}
|
|
],
|
|
"value": "OpenText\u2122 Operations Agent (OA) Security Bulletin - A low severity stored XSS vulnerability has been discovered. https://portal.microfocus.com/s/article/KM000035731"
|
|
}
|
|
],
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Marco Ventura, Claudia Bartolini, Massimiliano Brolli - TIM Group"
|
|
}
|
|
]
|
|
} |