Vulnerabilities > Microfocus > Imanager > 3.2.3

DATE CVE VULNERABILITY TITLE RISK
2024-11-22 CVE-2021-38116 Command Injection vulnerability in Microfocus Imanager
Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager.
network
low complexity
microfocus CWE-77
8.8
2024-11-22 CVE-2021-38117 Command Injection vulnerability in Microfocus Imanager
Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.
network
low complexity
microfocus CWE-77
critical
9.8
2024-11-22 CVE-2021-38118 Unspecified vulnerability in Microfocus Imanager
Possible improper input validation Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.
local
low complexity
microfocus
7.8
2024-11-22 CVE-2021-38119 Cross-site Scripting vulnerability in Microfocus Imanager
Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.
network
low complexity
microfocus CWE-79
6.1
2024-11-22 CVE-2021-38134 Cross-site Scripting vulnerability in Microfocus Imanager
Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.5.0000.
network
low complexity
microfocus CWE-79
6.1
2024-11-22 CVE-2021-38135 Unspecified vulnerability in Microfocus Imanager
Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000.
network
low complexity
microfocus
critical
9.8
2024-11-22 CVE-2023-24466 XXE vulnerability in Microfocus Imanager
Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200.
network
low complexity
microfocus CWE-611
critical
9.8
2024-11-22 CVE-2023-24467 Command Injection vulnerability in Microfocus Imanager
Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000.
network
low complexity
microfocus CWE-77
critical
9.8
2024-05-28 CVE-2024-3969 XXE vulnerability in Microfocus Imanager
XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200.
network
low complexity
microfocus CWE-611
critical
9.8
2024-05-28 CVE-2024-4429 Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Imanager
Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200.
network
low complexity
microfocus CWE-352
7.4