CVE-2025-12453
published 2026-03-13CVE-2025-12453: Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability…
PriorityP426medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
0.18%
7.9th percentile
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS.
The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X, from 25.1.0 through 25.1.X, from 25.2.0 through 25.2.X, from 25.3.0 through 25.3.X.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opentext | vertica | 10.0 – 10.x | — |
| opentext | vertica | >= 10.0.0-0 < 25.4.0-0 | 25.4.0-0 |
| opentext | vertica | 11.0 – 11.x | — |
| opentext | vertica | 12.0 – 12.x | — |
| opentext | vertica | 23.0 – 23.x | — |
| opentext | vertica | 24.0 – 24.x | — |
| opentext | vertica | 25.1.0 – 25.1.x | — |
| opentext | vertica | 25.2.0 – 25.2.x | — |
| opentext | vertica | 25.3.0 – 25.3.x | — |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv4.05.1MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-03-13
Published