Lucene search

Hcl Digital Experience Security Vulnerabilities

cve

CVE-2022-38653

In HCL Digital Experience, customized XSS payload can be constructed such that it is served in the application...

5.4CVSS

5.2AI Score

0.001EPSS

2022-12-19 11:15 AM

cve

CVE-2022-38662

In HCL Digital Experience, URLs can be constructed to redirect users to untrusted...

6.1CVSS

6.2AI Score

0.001EPSS

2022-12-19 11:15 AM

cve

CVE-2021-27774

User input included in error response, which could be used in a phishing...

5.4CVSS

5.5AI Score

0.001EPSS

2022-09-22 09:15 PM

cve

CVE-2020-4081

In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable to cross-site scripting...

6.1CVSS

6AI Score

0.001EPSS

2021-02-02 09:15 PM

cve

CVE-2020-14255

HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. These affect containers only. These do not affect traditional on-premise...

7.5CVSS

7.5AI Score

0.002EPSS

2021-02-02 08:15 PM

cve

CVE-2020-14221

HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized...

4.9CVSS

5AI Score

0.001EPSS

2021-02-02 08:15 PM

cve

CVE-2020-14222

HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web...

6.1CVSS

6AI Score

0.001EPSS

2020-11-05 05:15 PM

cve

CVE-2020-14223

HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site scripting (XSS). The vulnerability could be employed in a reflected or non-persistent XSS...

6.1CVSS

5.8AI Score

0.001EPSS

2020-10-01 08:15 PM

cve

CVE-2020-4101

"HCL Digital Experience is susceptible to Server Side Request...

9.8CVSS

9.3AI Score

0.002EPSS

2020-06-11 02:15 PM