CWE-81

Improper Neutralization of Script in an Error Message Web Page

2 CVEs Avg CVSS 4.2 MITRE
0
CRITICAL
0
HIGH
1
MEDIUM
1
LOW
0
POC
0
KEV

Monthly

CVE-2025-24344 MEDIUM This Month

A vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbitrary HTML tags and, possibly, execute arbitrary. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE
NVD
CVSS 3.1
6.3
EPSS
0.1%
CVE-2025-0883 LOW Monitor

Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText™ Service Manager. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure
NVD
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-24344
EPSS 0% CVSS 6.3
MEDIUM This Month

A vulnerability in the error notification messages of the web application of ctrlX OS allows a remote unauthenticated attacker to inject arbitrary HTML tags and, possibly, execute arbitrary. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE
NVD
CVE-2025-0883
EPSS 0% CVSS 2.1
LOW Monitor

Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText™ Service Manager. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy