Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcltech vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-4101
"HCL Digital Experience is susceptible to Server Side Request Forgery."
Hcltech Hcl Digital Experience 8.5
Hcltech Hcl Digital Experience 9.0
Hcltech Hcl Digital Experience 9.5
NA
CVE-2021-27774
User input included in error response, which could be used in a phishing attack.
Hcltech Hcl Digital Experience 9.0
Hcltech Hcl Digital Experience 9.5
Hcltech Hcl Digital Experience 8.5
NA
CVE-2022-38662
In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites.
Hcltech Hcl Digital Experience 9.0
Hcltech Hcl Digital Experience 9.5
Hcltech Hcl Digital Experience 8.5
445
VMScore
CVE-2021-27780
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
Hcltech Modern Client Management
Hcltech Bigfix Mobile
NA
CVE-2024-23553
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform exists due to missing a specific http header attribute.
Hcltech Bigfix Platform 11.0.0
Hcltech Bigfix Platform
312
VMScore
CVE-2019-4090
"HCL Campaign is vulnerable to cross-site scripting when a user provides XSS scripts in Campaign Description field."
Hcltech Marketing Campaign
Hcltech Marketing Campaign 11.0.1
312
VMScore
CVE-2021-27781
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
Hcltech Modern Client Management
Hcltech Bigfix Mobile
312
VMScore
CVE-2019-4091
"HCL Marketing Platform is vulnerable to cross-site scripting during addition of new users and also while searching for users in Dashboard, potentially giving an attacker ability to inject malicious code into the system. "
Hcltech Marketing Campaign 9.1.2.4
Hcltech Marketing Campaign
NA
CVE-2023-37502
HCL Compass is vulnerable to lack of file upload security. An attacker could upload files containing active code that can be executed by the server or by a user's web browser.
Hcltech Hcl Compass
Hcltech Hcl Compass 2.1.0
NA
CVE-2023-37503
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts.
Hcltech Hcl Compass
Hcltech Hcl Compass 2.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »