Vulnerabilities > Hcltech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-26 | CVE-2023-28008 | XXE vulnerability in Hcltech Workload Automation 10.1.0/9.4.0/9.5.0 HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.1 |
| 2023-04-26 | CVE-2023-28009 | XXE vulnerability in Hcltech Workload Automation 10.1.0/9.4.0/9.5.0 HCL Workload Automation is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.1 |
| 2023-03-10 | CVE-2021-27788 | Cross-site Scripting vulnerability in Hcltech Verse HCL Verse is susceptible to a Cross Site Scripting (XSS) vulnerability. | 6.1 |
| 2023-02-12 | CVE-2022-38657 | Open Redirect vulnerability in Hcltech HCL Leap An open redirect to malicious sites can occur when accessing the "Feedback" action on the manager page. | 5.4 |
| 2023-01-20 | CVE-2021-27782 | Improper Restriction of Excessive Authentication Attempts vulnerability in Hcltech Bigfix Mobile 2.0 HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. | 7.5 |
| 2022-12-21 | CVE-2022-38655 | Unspecified vulnerability in Hcltech Bigfix Webui 20 BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site. | 5.8 |
| 2022-12-19 | CVE-2022-38653 | Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 In HCL Digital Experience, customized XSS payload can be constructed such that it is served in the application unencoded. | 5.4 |
| 2022-12-19 | CVE-2022-38662 | Open Redirect vulnerability in Hcltech HCL Digital Experience 8.5/9.0/9.5 In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites. | 6.1 |
| 2022-12-19 | CVE-2022-44750 | Out-of-bounds Write vulnerability in Hcltech Domino 9.0/9.0.1 HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. | 7.8 |
| 2022-12-19 | CVE-2022-44751 | Out-of-bounds Write vulnerability in Hcltech Notes 10.0.1/9.0.1 HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. | 7.8 |