CVE-2025-0883

Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText™ Service Manager. The vulnerability could reveal sensitive information retained by the browser. This issue affects Service Manager: 9.70, 9.71, 9.72, 9.80.

CVSS

No CVSS.

References

Link	Resource
https://portal.microfocus.com/s/article/KM000037099?language=en_US

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de neutralización incorrecta de scripts en una página web de mensajes de error en OpenText™ Service Manager. Esta vulnerabilidad podría revelar información confidencial retenida por el navegador. Este problema afecta a Service Manager: 9.70, 9.71, 9.72 y 9.80.

12 Mar 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-12 16:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-0883

Mitre link : CVE-2025-0883

CVE.ORG link : CVE-2025-0883

JSON object : View

Products Affected

No product.

CWE

CWE-81

Improper Neutralization of Script in an Error Message Web Page

{"id": "CVE-2025-0883", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "security@opentext.com", "cvssData": {"Safety": "PRESENT", "version": "4.0", "Recovery": "AUTOMATIC", "baseScore": 2.1, "Automatable": "NO", "attackVector": "NETWORK", "baseSeverity": "LOW", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:N/R:A/V:C/RE:M/U:Green", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "GREEN", "userInteraction": "PASSIVE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-03-12T16:15:20.353", "references": [{"url": "https://portal.microfocus.com/s/article/KM000037099?language=en_US", "source": "security@opentext.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "security@opentext.com", "description": [{"lang": "en", "value": "CWE-81"}]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText\u2122 Service Manager.\u00a0\n\nThe vulnerability could reveal sensitive information retained by the browser.\n\nThis issue affects Service Manager: 9.70, 9.71, 9.72, 9.80."}, {"lang": "es", "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de scripts en una p\u00e1gina web de mensajes de error en OpenText\u2122 Service Manager. Esta vulnerabilidad podr\u00eda revelar informaci\u00f3n confidencial retenida por el navegador. Este problema afecta a Service Manager: 9.70, 9.71, 9.72 y 9.80."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "security@opentext.com"}