CVE-2026-3266
CRITICAL WAF: Low
CVSS 9.8
Published: 2026-03-03
CWE-862
Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerability could allow unauthenticated users to get XSRF token and do RPC with carefully crafted programs. This issue affects Filr: through 25.1.2.
WAF Coverage Analysis
Missing Authorization
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| opentext | filr | up to 25.1.3 |
References
- portal.microfocus.com (Vendor Advisory)