Vulnerabilities (CVE)

Filtered by vendor Opentext Subscribe

Filtered by product Flipper

Total 6 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2025-8050	1 Opentext	1 Flipper	2025-10-28	N/A	6.5 MEDIUM
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2.
CVE-2025-8051	1 Opentext	1 Flipper	2025-10-28	N/A	6.5 MEDIUM
Path Traversal vulnerability in opentext Flipper allows Absolute Path Traversal. The vulnerability could allow a user to access files hosted on the server. This issue affects Flipper: 3.1.2.
CVE-2025-8048	1 Opentext	1 Flipper	2025-10-28	N/A	6.5 MEDIUM
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to submit a stored local file path and then download the specified file from the system by requesting the stored document ID. This issue affects Flipper: 3.1.2.
CVE-2025-8049	1 Opentext	1 Flipper	2025-10-28	N/A	8.8 HIGH
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low-privilege user to elevate privileges within the application. This issue affects Flipper: 3.1.2.
CVE-2025-8052	1 Opentext	1 Flipper	2025-10-28	N/A	8.8 HIGH
SQL Injection vulnerability in opentext Flipper allows SQL Injection. The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor. This issue affects Flipper: 3.1.2.
CVE-2025-8053	1 Opentext	1 Flipper	2025-10-28	N/A	9.1 CRITICAL
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow a low privilege user to interact with the backend API without sufficient privileges. This issue affects Flipper: 3.1.2.