We're Moving!

The Vertica Forum is moving to a new OpenText Analytics Database (Vertica) Community.

Join us there to post discussion topics, learn about

product releases, share tips, access the blog, and much more.

Create My New Community Account Now


Security alert CVE-2025-12454 — Vertica Forum

Security alert CVE-2025-12454

VertiguyVertiguy Administrator
in General Discussion

Security alert

Improper neutralization of input during web page generation vulnerability has been discovered in OpenText™ Vertica. The vulnerability could lead to Reflected XSS attack of cross-site scripting

Systems affected:
Vertica version/s 10.x, 11.x, 12.x, 23.x, 24.x, 25.1.x

Affected version:
Reflected XSS attack of cross-site scripting vulnerability affects OpenText Vertica versions 10.x, 11.x, 12.x, 23.x, 24. x., and 25.1.x

CVE reference: CVE-2025-12454

CVSS v4.0 score: 5.1 / Medium

Impact:
The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.

Solution:
For all Vertica versions prior to 25.2.x, customers need to upgrade to Vertica 25.2.0-0 or later.

More information
For more information, contact us through the Support Portal.

Copyright © 2024 Open Text. All rights reserved. OpenText is a trademark or registered trademark of Open Text. The list of trademarks is not exhaustive of other trademarks. Registered trademarks, product names, company names, brands and service names mentioned herein are property of Open Text or other respective owners.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Format
SpoilerCodeQuote
Heading 2Heading 1
Emoji
:):D:(;):/:o:s:p:'(:|B):#:*<3o:)>:)
Url
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file
Home General DiscussionComment As ...