OpenText Flipper 3.1.2 HQL SQLi Vulnerability
CVE-2025-8052 Published on October 20, 2025
HQL Injection vulnerability has been discovered in Opentext Flipper.
SQL Injection vulnerability in opentext Flipper allows SQL Injection.
The vulnerability could allow a low privilege user to interact with the database in unintended ways and extract data by interacting with the HQL processor.
This issue affects Flipper: 3.1.2.
Weakness Type
SQL Injection: Hibernate
Using Hibernate to execute a dynamic SQL statement built with user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.
Products Associated with CVE-2025-8052
Want to know whenever a new CVE is published for Opentext Flipper? stack.watch will email you.
Affected Versions
opentext Flipper Version 3.1.2 is affected by CVE-2025-8052Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.