Path Traversal vulnerability have been discovered in OpenText™ XM Fax.

7.1 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/S:N/AU:Y/R:A/V:D/RE:M/U:Amber

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText™ XM Fax allows Path Traversal.

The vulnerability could allow an attacker to arbitrarily disclose content of files on the local filesystem. This issue affects XM Fax: 24.2.

Basic Information

ID CVE-2025-8054

Source OpenText

Published Feb 19, 2026 at 22:21

Affected Product

Vendor OpenText™

Product XM Fax

Version 24.2

Affected Versions OpenText™ XM Fax 24.2

CWE Classification

CWE-22

References

support.opentext.com /csm

{
    "lastseen": "",
    "description": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText\u2122 XM Fax allows Path Traversal.\u00a0\n\nThe vulnerability could allow an attacker to arbitrarily disclose content of files on the local filesystem.\u00a0This issue affects XM Fax: 24.2.",
    "published": "2026-02-19T22:21:22.483Z",
    "modified": "2026-02-19T22:21:22.483Z",
    "type": "cve",
    "title": "Path Traversal vulnerability have been discovered in OpenText\u2122 XM Fax.",
    "source": "OpenText",
    "references": "https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0847038",
    "id": "CVE-2025-8054",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "OpenText\u2122 XM Fax 24.2",
    "sourceHref": "",
    "cvss": {
        "score": 7.1,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/S:N/AU:Y/R:A/V:D/RE:M/U:Amber",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "XM Fax",
    "version": "24.2",
    "vendor": "OpenText\u2122",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Path Traversal vulnerability have been discovered in OpenText™ XM Fax._CVE-2025-8054