Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcl digital experience vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38662
In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites.
Hcltech Hcl Digital Experience 9.0
Hcltech Hcl Digital Experience 9.5
Hcltech Hcl Digital Experience 8.5
NA
CVE-2021-27774
User input included in error response, which could be used in a phishing attack.
Hcltech Hcl Digital Experience 9.0
Hcltech Hcl Digital Experience 9.5
Hcltech Hcl Digital Experience 8.5
7.5
CVSSv2
CVE-2020-4101
"HCL Digital Experience is susceptible to Server Side Request Forgery."
Hcltech Hcl Digital Experience 8.5
Hcltech Hcl Digital Experience 9.0
Hcltech Hcl Digital Experience 9.5
4.3
CVSSv2
CVE-2020-14222
HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site).
Hcltech Hcl Digital Experience 8.5
Hcltech Hcl Digital Experience 9.0
Hcltech Hcl Digital Experience 9.5
4
CVSSv2
CVE-2020-14221
HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users.
Hcltech Digital Experience 8.5
Hcltech Digital Experience 9.0
Hcltech Digital Experience 9.5
NA
CVE-2022-38653
In HCL Digital Experience, customized XSS payload can be constructed such that it is served in the application unencoded.
Hcltech Digital Experience 9.0
Hcltech Digital Experience 9.5
Hcltech Digital Experience 8.5
4.3
CVSSv2
CVE-2020-14223
HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site scripting (XSS). The vulnerability could be employed in a reflected or non-persistent XSS attack.
Hcltech Digital Experience 8.5
Hcltech Digital Experience 9.0
Hcltech Digital Experience 9.5
NA
CVE-2023-37538
HCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site).
Hcltech Digital Experience 9.0
Hcltech Digital Experience 9.5
Hcltech Digital Experience 8.5
5
CVSSv2
CVE-2020-14255
HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. These affect containers only. These do not affect traditional on-premise installations.
Hcltech Digital Experience 9.5
NA
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
71 Github repositories
4 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started