Vulnerabilities > Hcltech > Bigfix Mobile > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-27 | CVE-2023-28014 | Cross-site Scripting vulnerability in Hcltech Bigfix Mobile 3.0 HCL BigFix Mobile is vulnerable to a cross-site scripting attack. | 5.4 |
| 2022-05-27 | CVE-2021-27780 | Unspecified vulnerability in Hcltech Bigfix Mobile and Modern Client Management The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment. | 5.3 |
| 2022-05-27 | CVE-2021-27781 | Cross-site Scripting vulnerability in Hcltech Bigfix Mobile and Modern Client Management The Master operator may be able to embed script tag in HTML with alert pop-up display cookie. | 4.8 |
| 2022-05-25 | CVE-2021-27783 | Missing Encryption of Sensitive Data vulnerability in Hcltech Bigfix Mobile and Bigfix Modern Client Management User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed. | 6.5 |