GHSA-6frc-h2x4-jwq3 · Severity: medium — Improper neutralization of input during web page generation ('cross-site scripting')...
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X, from 25.1.0 through 25.1.X, from 25.2.0 through 25.2.X, from 25.3.0 through 25.3.X.
Conclusion & alert: CVE-2025-12453 is rated Low Risk (23.3/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.18%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.03% | 0.18% | +0.15% |
| 2 | 2026-04-18 | 0.06% | 0.03% | -0.03% |
| 3 | 2026-03-19 | — | 0.06% | — |
Full EPSS history (4 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 5.1 | 4.0 | MEDIUM |
|
— | — | [email protected] |
| 6.1 | 3.1 | MEDIUM |
|
2.8 | 2.7 | [email protected] |
GHSA-6frc-h2x4-jwq3 · Severity: medium — Improper neutralization of input during web page generation ('cross-site scripting')...
| URL | Tags |
|---|---|
| https://portal.microfocus.com/s/article/KM000045852?language=en_US | Vendor Advisory |