Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.3
OpenText Filr: Unauthenticated Users Can Access Sensitive Data
CVE-2026-3266
Summary
The OpenText Filr software has a flaw that lets unapproved users access sensitive areas. This means they could potentially get access to confidential information. To fix this, update to a newer version of Filr, such as 25.1.2 or later, or take other security measures as recommended by the vendor.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| opentext | filr | <= 25.1.3 | – |
Original title
Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerability could allow unauthenticated users to get XSRF token and do RPC with carefully crafted programs....
Original description
Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerability could allow unauthenticated users to get XSRF token and do RPC with carefully crafted programs.
This issue affects Filr: through 25.1.2.
This issue affects Filr: through 25.1.2.
nvd CVSS3.1
9.8
nvd CVSS4.0
8.3
Vulnerability type
CWE-862
Missing Authorization
Published: 3 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026