Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcltech appscan vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-4323
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an malicious user to embed the contents of untrusted web pages in a frame."
Hcltech Appscan
383
VMScore
CVE-2019-4324
"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."
Hcltech Appscan
445
VMScore
CVE-2019-4325
"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."
Hcltech Appscan
445
VMScore
CVE-2019-4326
"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."
Hcltech Appscan
445
VMScore
CVE-2019-4327
"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by malicious users to get unauthorized access to application's encrypted files."
Hcltech Appscan
570
VMScore
CVE-2019-4391
HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data
Hcltech Appscan
890
VMScore
CVE-2019-4392
HCL AppScan Standard Edition 9.0.3.13 and previous versions uses hard-coded credentials which can be exploited by malicious users to get unauthorized access to the system.
Hcltech Appscan
445
VMScore
CVE-2019-4393
HCL AppScan Standard is vulnerable to excessive authorization attempts
Hcltech Appscan
516
VMScore
CVE-2019-16188
HCL AppScan Source prior to 9.03.13 is susceptible to XML External Entity (XXE) attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in AppS...
Hcltech Appscan Source
312
VMScore
CVE-2019-4388
HCL AppScan Source 9.0.3.13 and previous versions is susceptible to cross-site scripting (XSS) attacks by allowing users to embed arbitrary JavaScript code in the Web UI.
Hcltech Appscan Source
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »