CVE-2025-5808

HIGH

OpenText Self Service Password Reset <4.8.3 - Auth Bypass

Title source: llm

Description

Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Authentication Bypass.This issue affects Self Service Password Reset from before 4.8 patch 3.

References (1)

[Various Sources] https://docs.microfocus.com/doc/28/4.8/scrtyimpr

Scores

CVSS v4 7.3

EPSS 0.0011

EPSS Percentile 28.7%

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1284

Status published

Products (1)

OpenText/Self Service Password Reset 4.8 - <

Published Aug 29, 2025

Tracked Since Feb 18, 2026