CVE-2025-13671

UNKNOWN 0.0

Cross Site request forgery vulnerability discovered in OpenText WSM Management Server.

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Cross-Site Request Forgery (CSRF) vulnerability in OpenText™ Web Site Management Server allows Cross Site Request Forgery. The vulnerability could make a user, with active session inside the product, click on a page that contains this malicious HTML triggering to perform changes unconsciously. This issue affects Web Site Management Server: 16.7.0, 16.7.1.

CWE	CWE-352
Vendor	opentext™
Product	web site management server
Published	Feb 19, 2026
Last Updated	Feb 24, 2026

Stay Ahead of the Next One

Get instant alerts for opentext™ web site management server

Be the first to know when new unknown vulnerabilities affecting opentext™ web site management server are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

OpenText™ / Web Site Management Server

16.7.0 16.7.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.opentext.com: https://support.opentext.com/csm/en?id=ot_kb_unauthenticated&sysparm_article=KB0854846 github.com: https://github.com/MarioTesoro/vulnerability-research/blob/main/CVE-2025-13671/README.md

Credits

Mario Tesoro