Dryice Myxalytics
Monthly
HCL MyXalytics: 6.6. is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is automatically bound to application objects without proper validation or access controls, potentially allowing unauthorized modification of sensitive fields.
HCL MyXalytics v6.6 is affected by an HTML Injection. This issue occurs when untrusted input is included in the output without proper handling, potentially allowing unauthorized content injection and manipulation.
HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allow the execution of unauthorized scripts, potentially resulting in unauthorized actions or access.
HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Rated low severity (CVSS 2.5). No vendor patch available.
HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.
HCL MyXalytics is affected by concurrent login vulnerability. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.
HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability. Rated low severity (CVSS 1.6). No vendor patch available.
HCL MyXalytics is affected by a malicious file upload vulnerability. Rated low severity (CVSS 1.6). No vendor patch available.
HCL MyXalytics is affected by sensitive information disclosure vulnerability. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable. No vendor patch available.
HCL MyXalytics is affected by a weak input validation vulnerability. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.
HCL MyXalytics is affected by username enumeration vulnerability. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
HCL MyXalytics is affected by an improper password policy implementation vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. No vendor patch available.
HCL MyXalytics is affected by broken authentication. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
HCL MyXalytics is affected by a session fixation vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. No vendor patch available.
HCL MyXalytics is affected by a session fixation vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
HCL MyXalytics is affected by insecure direct object references. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
HCL MyXalytics: 6.6. is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is automatically bound to application objects without proper validation or access controls, potentially allowing unauthorized modification of sensitive fields.
HCL MyXalytics v6.6 is affected by an HTML Injection. This issue occurs when untrusted input is included in the output without proper handling, potentially allowing unauthorized content injection and manipulation.
HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allow the execution of unauthorized scripts, potentially resulting in unauthorized actions or access.
HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Rated low severity (CVSS 2.5). No vendor patch available.
HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.
HCL MyXalytics is affected by concurrent login vulnerability. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.
HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability. Rated low severity (CVSS 1.6). No vendor patch available.
HCL MyXalytics is affected by a malicious file upload vulnerability. Rated low severity (CVSS 1.6). No vendor patch available.
HCL MyXalytics is affected by sensitive information disclosure vulnerability. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable. No vendor patch available.
HCL MyXalytics is affected by a weak input validation vulnerability. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.
HCL MyXalytics is affected by username enumeration vulnerability. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
HCL MyXalytics is affected by an improper password policy implementation vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. No vendor patch available.
HCL MyXalytics is affected by broken authentication. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
HCL MyXalytics is affected by a session fixation vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. No vendor patch available.
HCL MyXalytics is affected by a session fixation vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
HCL MyXalytics is affected by insecure direct object references. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.