Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Hcltech Subscribe
Filtered by product Hcl Digital Experience
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38662 1 Hcltech 1 Hcl Digital Experience 2022-12-23 N/A 6.1 MEDIUM
In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites.
CVE-2021-27774 1 Hcltech 1 Hcl Digital Experience 2022-09-23 N/A 5.4 MEDIUM
User input included in error response, which could be used in a phishing attack.
CVE-2020-14222 1 Hcltech 1 Hcl Digital Experience 2020-11-13 4.3 MEDIUM 6.1 MEDIUM
HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site).
CVE-2020-4101 1 Hcltech 1 Hcl Digital Experience 2020-06-17 7.5 HIGH 9.8 CRITICAL
"HCL Digital Experience is susceptible to Server Side Request Forgery."