CVE-2024-12863 – OpenText Content Management CE Stored Cross-Site Scripting Vulnerability

April 21, 2025

CVE ID : CVE-2024-12863

Published : April 21, 2025, 3:15 p.m. | 3 hours, 47 minutes ago

Description : Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-28121 – Code-Projects Online Exam Mastering System XSS Vulnerability

Next Article CVE-2024-42699 – OpenCMS Cross-Site Scripting (XSS)

Highlights

CVE-2025-34067 – Hikvision Integrated Security Management Platform Fastjson Remote Command Execution

July 2, 2025

CVE ID : CVE-2025-34067

Published : July 2, 2025, 2:15 p.m. | 1 hour, 1 minute ago

Description : An unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an attacker to trigger Fastjson’s auto-type feature to load arbitrary Java classes. By referencing a malicious class via an LDAP URL, an attacker can achieve remote code execution on the underlying system.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Tenable updates Vulnerability Priority Rating scoring method to flag fewer vulnerabilities as critical

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

Atomic Design Certification Course

How to streamline GitHub API calls in Azure Pipelines

Reform Collective: A New Website, Designed to Be Seen

Motion Highlights #11

Moderate Image Uploads with AI/GenAI & AWS Rekognition

Moderate Image Uploads with AI/GenAI & AWS Rekognition

WCAG Compliance for Drupal Sites with UserWay

AI-Driven Auto-Tagging of EC2 Instances Using Amazon SageMaker

FOSS Weekly #25.30: AUR Poisoned, Linux Rising, PPA Explained, New Open Source Grammar Checker and More

FOSS Weekly #25.30: AUR Poisoned, Linux Rising, PPA Explained, New Open Source Grammar Checker and More

How to Open Control Panel in Windows 11

How to Shut Down Windows 11

CVE-2024-12863 – OpenText Content Management CE Stored Cross-Site Scripting Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access

Multi-tenancy in RAG applications in a single Amazon Bedrock knowledge base with metadata filtering

Prime members can save $10 on any $20 or more Grubhub+ order for a limited time – here’s how

Anthropic’s Claude dives into financial analysis. Here’s what’s new

Distribution Release: Lubuntu 25.04

CVE-2025-34067 – Hikvision Integrated Security Management Platform Fastjson Remote Command Execution

CVE-2025-4338 – Lantronix Device Installer XXE Injection Vulnerability

How to catch GitHub Actions workflow injections before attackers do

CVE-2025-25012 – Kibana Open Redirect and SSRF Vulnerability

CVE-2024-12863 – OpenText Content Management CE Stored Cross-Site Scripting Vulnerability

Related Posts