Severity by source
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Reflected XSS reachable over the network without auth (PR:N) but needing a victim to open crafted content (UI:R) and non-trivial preconditions (AC:H); script runs cross-context (S:C) with limited C/I impact.
Primary rating from Vendor (OpenText).
CVSS VectorVendor: OpenText
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText Access Manager allows Cross-Site Scripting (XSS).
This issue affects Access Manager: from 5.1 through 5.1.2.
AnalysisAI
Cross-site scripting in OpenText Access Manager 5.1 through 5.1.2 lets a remote unauthenticated attacker inject script that executes in the browser of a targeted user of this enterprise SSO/access-management platform (CWE-79). Per the vendor-supplied CVSS 4.0 vector the flaw carries high vulnerable-system confidentiality impact (VC:H) but high attack complexity and a specific attack requirement (AC:H/AT:P), yielding a base score of 8.2. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation targets the web interface of OpenText Access Manager 5.1 through 5.1.2 and requires no attacker authentication (PR:N) and network reach (AV:N), but it is meaningfully limited: the vendor vector sets AC:H (high attack complexity) and AT:P (a specific attack requirement/precondition must hold), indicating the injection is not reliably triggerable against arbitrary default requests and likely depends on a particular request path, parameter, or product configuration. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Signals are mixed and warrant a measured priority. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a request or link containing a malicious script payload targeting a vulnerable Access Manager web page and lures or waits for a privileged user (such as an administrator or federated SSO user) to trigger it, given the AC:H/AT:P preconditions. When the page renders the unsanitized input, the script runs in the victim's session and can exfiltrate session tokens or authentication data (VC:H). … |
| Remediation | Consult the OpenText/Micro Focus advisory at https://portal.microfocus.com/s/article/KM000047449 for the vendor-released fixed build and upgrade to the patched release for the 5.1 line (an exact fix version was not present in the available input and should be confirmed from that KB article before scheduling - do not assume a version number). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Verify deployment of OpenText Access Manager versions 5.1 through 5.1.2 in production environments and assess the scope of dependent applications. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Access Manager
View allVulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Ra
There is a time-based blind SQL injection vulnerability in the Access Manager component before 9.18.040 and 10.x before
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine).
Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console server in NetIQ Acce
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allow remote atta
A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely explo
iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to iFrame
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.1 allow remote attackers
A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Rate
The certificate upload feature in iManager in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could
A cross site request forgery protection mechanism in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38791
GHSA-rrp3-3f6h-33jr