Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-38662 | 1 Hcltech | 1 Hcl Digital Experience | 2022-12-23 | N/A | 6.1 MEDIUM |
In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites. | |||||
CVE-2021-27774 | 1 Hcltech | 1 Hcl Digital Experience | 2022-09-23 | N/A | 5.4 MEDIUM |
User input included in error response, which could be used in a phishing attack. | |||||
CVE-2020-14222 | 1 Hcltech | 1 Hcl Digital Experience | 2020-11-13 | 4.3 MEDIUM | 6.1 MEDIUM |
HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site). | |||||
CVE-2020-4101 | 1 Hcltech | 1 Hcl Digital Experience | 2020-06-17 | 7.5 HIGH | 9.8 CRITICAL |
"HCL Digital Experience is susceptible to Server Side Request Forgery." |