OpenText Web Site Management Server Stored Cross-Site Scripting Vulnerability

Vulnerability

A stored cross-site scripting vulnerability has been identified in OpenText Web Site Management Server versions 16.7.X, 16.8, and 16.8.1. This vulnerability allows for improper neutralization of input during web page generation, enabling the execution of malicious scripts on the client side. The issue arises when the download query parameter is removed from the file URL, potentially compromising user sessions and data.

Impact

Exploitation of this vulnerability allows for the execution of malicious scripts on the client side, leading to the compromise of user sessions and data.

Added: Feb 19, 2026, 11:28 PM

Updated: Feb 19, 2026, 11:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

5.0

remediation

0.0

relevance

3.2

threat

0.0

urgency

10.0

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

5.0

remediation

0.0

relevance

3.2

threat

0.0

urgency

10.0

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OpenText Web Site Management Server Stored Cross-Site Scripting Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating