CVE-2021-38134

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Nov 22, 2024
CWE ID 79

Summary

CVE-2021-38134 is a newly discovered Cross-Site Scripting (XSS) vulnerability in OpenText iManager's access Component version 3.2.5.0000. Maliciously crafted URLs can be used to inject and execute malicious scripts in users' browsers, potentially leading to unauthorized access, data theft, or other malicious activities. Users are strongly advised to update their iManager installations to the latest version to mitigate this risk. The vulnerability was not explicitly stated to impact any specific user actions or configurations, but it's recommended to practice safe browsing habits, such as avoiding clicking on untrusted links or opening unsolicited emails, to minimize the risk of XSS attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • OpenText™ iManager

Affected Vendors

  • OpenText