Code injection

2022-07-3000:15:00

PRIOn knowledge base

www.prio-n.com

5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

HCL Commerce’s Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website.

CPENameOperatorVersion
hcl_commercege9.1.0
hcl_commercele9.1.10
hcl_commercege9.0.1
hcl_commercele9.0.1.18

Name	Operator	Version
hcl_commerce	ge	9.1.0
hcl_commerce	le	9.1.10
hcl_commerce	ge	9.0.1
hcl_commerce	le	9.0.1.18

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0099765