Filtered by vendor Hcltech
Subscriptions
Filtered by product Digital Experience
Subscriptions
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-37538 | 1 Hcltech | 1 Digital Experience | 2024-09-18 | 9.3 Critical |
| HCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site). | ||||
| CVE-2020-14255 | 1 Hcltech | 1 Digital Experience | 2024-08-04 | 7.5 High |
| HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. These affect containers only. These do not affect traditional on-premise installations. | ||||
| CVE-2020-14223 | 1 Hcltech | 1 Digital Experience | 2024-08-04 | 6.1 Medium |
| HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site scripting (XSS). The vulnerability could be employed in a reflected or non-persistent XSS attack. | ||||
| CVE-2020-14221 | 1 Hcltech | 1 Digital Experience | 2024-08-04 | 4.9 Medium |
| HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users. | ||||
| CVE-2020-4081 | 1 Hcltech | 1 Digital Experience | 2024-08-04 | 6.1 Medium |
| In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable to cross-site scripting (XSS). | ||||
| CVE-2022-38653 | 1 Hcltech | 1 Digital Experience | 2024-08-03 | 2 Low |
| In HCL Digital Experience, customized XSS payload can be constructed such that it is served in the application unencoded. | ||||
Page 1 of 1.