CNNVD-202510-2577 Information

CNNVD ID

CNNVD-202510-2577

Related CVE

CVE-2025-8052

• CNNVD Published: 2025-10-20

Description (Chinese)

OpenText Flipper是加拿大OpenText公司的一个供应商自助提交发票的门户扩展包。 OpenText Flipper 3.1.2版本存在安全漏洞，该漏洞源于低权限用户可通过HQL处理器与数据库交互，可能导致SQL注入攻击。

Description (English)

OpenText Flopper is a portal extension for the self-service submission of invoices by a supplier from OpenText Canada. OpenText Flopper 3.1.2 has a security loophole, which stems from the fact that low-authorized users can interact with the database through HQL processors, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

OpenText

Published

2025-10-20

Last Modified

2026-02-24

References

https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0850533 https://access.redhat.com/security/cve/cve-2025-8052