CVE-2025-12453
Received
Received - Intake
Reflected XSS Vulnerability in OpenText Vertica Management Console
Publication date: 2026-03-13
Last updated on: 2026-04-17
Assigner: OpenText
Description
Description
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenTextβ’ Vertica allows Reflected XSS.Β
The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X, from 25.1.0 through 25.1.X, from 25.2.0 through 25.2.X, from 25.3.0 through 25.3.X.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| opentext | vertica | From 10.0.0-0 (inc) to 25.4.0-0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
