CVE-2025-12453 — MEDIUM (6.1)

Q: How severe is CVE-2025-12453?

CVE-2025-12453 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-12453?

Check the references section above for vendor advisories and patch information. Affected products include: Opentext Vertica.

Vulnerability Description

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X, from 25.1.0 through 25.1.X, from 25.2.0 through 25.2.X, from 25.3.0 through 25.3.X.

CVSS Score

6.1

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Opentext	Vertica	>= 10.0.0-0, < 25.4.0-0

Related Weaknesses (CWE)

CWE-79

References

https://portal.microfocus.com/s/article/KM000045852?language=en_USVendor Advisory

FAQ

What is CVE-2025-12453?

CVE-2025-12453 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of c...

How severe is CVE-2025-12453?

CVE-2025-12453 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-12453?

Check the references section above for vendor advisories and patch information. Affected products include: Opentext Vertica.