SSRF vulnerability have been discovered in OpenText™ XM Fax

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/S:N/AU:Y/R:A/V:D/RE:M/U:Amber

Description

Server-Side Request Forgery (SSRF) vulnerability in OpenText™ XM Fax allows Server Side Request Forgery.

The vulnerability could allow an attacker to

perform blind SSRF to other systems accessible from the XM Fax server.

This issue affects XM Fax: 24.2.

Basic Information

ID CVE-2025-8055

Source OpenText

Published Feb 19, 2026 at 22:21

Affected Product

Vendor OpenText™

Product XM Fax

Version 24.2

Affected Versions OpenText™ XM Fax 24.2

CWE Classification

CWE-918

References

support.opentext.com /csm

{
    "lastseen": "",
    "description": "Server-Side Request Forgery (SSRF) vulnerability in OpenText\u2122 XM Fax allows Server Side Request Forgery.\u00a0\n\nThe vulnerability could allow an attacker to\n\n\n\nperform blind SSRF to other systems accessible from the XM Fax server.\n\nThis issue affects XM Fax: 24.2.",
    "published": "2026-02-19T22:21:06.831Z",
    "modified": "2026-02-19T22:21:06.831Z",
    "type": "cve",
    "title": "SSRF vulnerability have been discovered in OpenText\u2122 XM Fax",
    "source": "OpenText",
    "references": "https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0847038",
    "id": "CVE-2025-8055",
    "bulletinFamily": "",
    "cwe": [
        "CWE-918"
    ],
    "cvelist": null,
    "sourceData": "OpenText\u2122 XM Fax 24.2",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/S:N/AU:Y/R:A/V:D/RE:M/U:Amber",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "XM Fax",
    "version": "24.2",
    "vendor": "OpenText\u2122",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

SSRF vulnerability have been discovered in OpenText™ XM Fax_CVE-2025-8055