Vulnerabilities > Hcltech > Bigfix Modern Client Management > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-21 | CVE-2023-28025 | Cross-site Scripting vulnerability in Hcltech Bigfix Modern Client Management 2.0/2.1 Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. | 4.8 |
| 2022-05-25 | CVE-2021-27783 | Missing Encryption of Sensitive Data vulnerability in Hcltech Bigfix Mobile and Bigfix Modern Client Management User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed. | 6.5 |