CVE-2024-4187 LOW

CVE-2024-4187: Stored XSS vulnerability has been discovered in OpenText™ Filr. The vulnerability could cause users to not be warned when clicking links to external sites.

Vendor Opentext™
Product Filr
Weakness CWE-356
Published July 31, 2024
Last update August 12, 2024

CVSS base score

2.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/S:P/AU:N/V:D/RE:L/U:Green

What the vulnerability does

01Description

Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1 and 24.2. The vulnerability could cause users to not be warned when clicking links to external sites.

Key dates

02Disclosure timeline

July 31, 2024 CVE published
August 12, 2024 Record updated