CVE-2026-3278

MEDIUM opentext NVD

CVSS Score 6.1

Severity MEDIUM

Published Mar 18, 2026

Vendor opentext

Description

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ ZENworks Service Desk allows Cross-Site Scripting (XSS). The vulnerability could allow an attacker to execute arbitrary JavaScript leading to unauthorized actions on behalf of the user.This issue affects ZENworks Service Desk: 25.2, 25.3.

References

https://portal.microfocus.com/s/article/KM000045873?language=en_US