CVE-2025-12453

EUVD-2025-208641 | MEDIUM | 2026-03-13 | OpenText | CVSS 4.0 base score 5.1

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/AU:Y/R:U

Attack Vector: Network (AV:N)
Attack Complexity: Low (AC:L)
Privileges Required: None (PR:N)
User Interaction: Active (UI:A)

Lifecycle Timeline

Analysis Generated: Mar 13, 2026 - 19:00 (vuln.today)
EUVD ID Assigned: Mar 13, 2026 - 19:00 (euvd), EUVD-2025-208641
CVE Published: Mar 13, 2026 - 18:30 (nvd)

Description

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to a reflected cross-site scripting attack against the Vertica management console application. This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X, from 25.1.0 through 25.1.X, from 25.2.0 through 25.2.X, from 25.3.0 through 25.3.X.

Analysis

A Reflected Cross-Site Scripting (XSS) vulnerability exists in OpenText Vertica's management console application due to improper input neutralization during web page generation (CWE-79). The vulnerability affects Vertica versions 10.0 through 25.3.X, allowing attackers to inject malicious scripts that execute in users' browsers when they click attacker-controlled links. With a CVSS v4.0 score of 5.1 and network-based attack vector requiring user interaction, this represents a moderate risk with limited direct technical impact but potential for credential theft or session hijacking.

Technical Context

The vulnerability stems from inadequate input validation and output encoding in the Vertica management console web application, a core component of OpenText Vertica (cpe:2.3:a:opentext:vertica). Reflected XSS (CWE-79) occurs when user-supplied input is echoed back in HTTP responses without proper sanitization or encoding, allowing browsers to interpret attacker-injected HTML/JavaScript. This affects the web-based administrative interface across multiple major versions (10.x, 11.x, 12.x, 23.x, 24.x, 25.1.x, 25.2.x, 25.3.x), suggesting the vulnerability may reside in a shared code path or utility function. The root cause is the absence of context-appropriate output encoding (HTML entity encoding, JavaScript escaping, or URL encoding depending on context) before reflecting user input in dynamically generated web pages.

Affected Products

OpenText Vertica versions 10.0 through 10.x (all minor versions), 11.0 through 11.x, 12.0 through 12.x, 23.0 through 23.x, 24.0 through 24.x, 25.1.0 through 25.1.x, 25.2.0 through 25.2.x, and 25.3.0 through 25.3.x are affected (cpe:2.3:a:opentext:vertica). The vulnerability is specific to the Vertica management console application web interface. OpenText has released a security advisory detailing the affected versions and patch availability; consult the OpenText security bulletins at https://www.opentext.com/about/security-advisories for the official vendor guidance and fixed version numbers.

Remediation

Upgrade OpenText Vertica to the latest patched version released by OpenText for your major version line (consult the vendor advisory at https://www.opentext.com/about/security-advisories for specific version numbers). If immediate patching is not possible, implement compensating controls: restrict network access to the Vertica management console to known administrative IP addresses via firewall or reverse proxy; enforce HTTPS-only connections with HSTS headers to prevent man-in-the-middle interception; educate administrators to avoid clicking untrusted links to the console; disable or air-gap the web console if not actively used. Additionally, implement Content Security Policy (CSP) headers in the console application to mitigate reflected XSS impact by restricting inline script execution.
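The root cause named under Technical Context (no context-appropriate output encoding before reflecting input) and the compensating CSP/HSTS headers named above, as an added Python example that is not OpenText's or vuln.today's code: render_unsafe reflects a request parameter raw into HTML, JavaScript and URL contexts, render_safe applies the encoder each context needs, and console_security_headers returns an assumed header set. The probe string is constructed; nothing here is Vertica code.

```python
import html
import json
import urllib.parse

# Constructed probe: characters that change meaning in HTML, JS and URL contexts.
PROBE = '"><script>alert(1)</script>'


def render_unsafe(query: str) -> str:
    """The defect class: raw reflection of a request parameter into three contexts."""
    return (f'<p>Results for: {query}</p>\n'
            f'<script>var q = "{query}";</script>\n'
            f'<a href="/search?q={query}">again</a>')


def encode_html(value: str) -> str:
    """HTML body/attribute context: entity-encode & < > " and the single quote."""
    return html.escape(value, quote=True)


def encode_js(value: str) -> str:
    """JavaScript string-literal context: a JSON literal with < > & written as
    unicode escapes, so the value can never open or close a tag inside <script>."""
    literal = json.dumps(value)
    return (literal.replace("<", "\\u003c")
                   .replace(">", "\\u003e")
                   .replace("&", "\\u0026"))


def encode_url(value: str) -> str:
    """URL query-parameter context: percent-encode everything but unreserved chars."""
    return urllib.parse.quote(value, safe="")


def render_safe(query: str) -> str:
    """Same page, with the encoder chosen by the context each reflection lands in."""
    return (f'<p>Results for: {encode_html(query)}</p>\n'
            f'<script>var q = {encode_js(query)};</script>\n'
            f'<a href="/search?q={encode_url(query)}">again</a>')


def console_security_headers() -> dict:
    """Assumed compensating headers for a console served behind a reverse proxy:
    CSP refuses inline script, so a reflected payload cannot run; HSTS pins HTTPS."""
    return {
        "Content-Security-Policy": "default-src 'self'; script-src 'self'; "
                                   "object-src 'none'; base-uri 'none'",
        "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    }


if __name__ == "__main__":
    print(render_unsafe(PROBE))
    print(render_safe(PROBE))
```

Run it to compare the two renderings: the unsafe page carries the probe verbatim in all three contexts, while the safe page contains only its own single script element.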

Priority Score

26 (scale: Low / Medium / High / Critical)
Components: KEV 0, EPSS +0.0, CVSS +26, POC 0


CVE-2025-12453 vulnerability details – vuln.today
