Improper Neutralization of Script in an Error Message Web... · CVE-2025-0883 · GitHub Advisory Database · GitHub

Improper Neutralization of Script in an Error Message Web...

Low severity Unreviewed Published Mar 12, 2025 to the GitHub Advisory Database • Updated Mar 12, 2025

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText™ Service Manager.

The vulnerability could reveal sensitive information retained by the browser.

This issue affects Service Manager: 9.70, 9.71, 9.72, 9.80.

References

Published by the National Vulnerability Database

Mar 12, 2025

Published to the GitHub Advisory Database Mar 12, 2025

Last updated Mar 12, 2025

Severity

Low

/ 10

CVSS v4 base metrics

Exploitability Metrics

Attack Vector Network

Attack Complexity High

Attack Requirements Present

Privileges Required Low

User interaction Passive

Vulnerable System Impact Metrics

Confidentiality Low

Integrity Low

Availability None

Subsequent System Impact Metrics

Confidentiality None

Integrity None

Availability None

CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:N/R:A/V:C/RE:M/U:Green