CVE-2025-5808
HIGHOpenText Self Service Password Reset <4.8.3 - Auth Bypass
Title source: llmDescription
Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Authentication Bypass.This issue affects Self Service Password Reset from before 4.8 patch 3.
References (1)
Core 1
Core References
Various Sources
https://docs.microfocus.com/doc/28/4.8/scrtyimpr
Scores
CVSS v4
7.3
EPSS
0.0040
EPSS Percentile
32.0%
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-1284
Status
published
Products (1)
OpenText/Self Service Password Reset
4.8 - <
Published
Aug 29, 2025
Tracked Since
Feb 18, 2026