CVE-2025-11884 – Cross-site Scripting vulnerability discovered in OpenText™ Universal Discovery and CMDB

CVE ID : CVE-2025-11884

Published : Nov. 19, 2025, 9:13 p.m. | 39 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in opentext uCMDB allows Stored XSS. The vulnerability could allow an attacker has high level access to UCMDB to create or update data with malicious scripts

This issue affects uCMDB: 24.4.

Severity: 2.3 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…