Skip to main content

Hcl Digital Experience

3 CVEs product

Monthly

CVE-2022-38662 MEDIUM This Month

In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Hcl Digital Experience
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2020-14222 MEDIUM This Month

HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Hcl Digital Experience
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2020-4101 CRITICAL Act Now

"HCL Digital Experience is susceptible to Server Side Request Forgery.". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Hcl Digital Experience
NVD
CVSS 3.1
9.8
EPSS
1.1%
EPSS 0% CVSS 6.1
MEDIUM This Month

In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Hcl Digital Experience
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Hcl Digital Experience
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

"HCL Digital Experience is susceptible to Server Side Request Forgery.". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Hcl Digital Experience
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy