CVE-2025-11884

Vulnerability Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in opentext uCMDB allows Stored XSS. The vulnerability could allow an attacker has high level access to UCMDB to create or update data with malicious scripts This issue affects uCMDB: 24.4.

Related Weaknesses (CWE)

CWE-79

References

https://portal.microfocus.com/s/article/KM000043674?language=en_US

FAQ

What is CVE-2025-11884?

CVE-2025-11884 is a documented vulnerability. Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in opentext uCMDB allows Stored XSS. The vulnerability could allow an attacker has high level ...

How severe is CVE-2025-11884?

CVSS scoring is not yet available for CVE-2025-11884. Check NVD for updates.

Is there a patch for CVE-2025-11884?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.