Vulnerabilities > Hcltech > Digital Experience
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-11 | CVE-2023-37538 | Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 HCL Digital Experience is susceptible to cross site scripting (XSS). | 6.1 |
| 2022-12-19 | CVE-2022-38653 | Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 In HCL Digital Experience, customized XSS payload can be constructed such that it is served in the application unencoded. | 5.4 |
| 2021-02-02 | CVE-2020-4081 | Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable to cross-site scripting (XSS). | 4.3 |
| 2021-02-02 | CVE-2020-14255 | Information Exposure vulnerability in Hcltech Digital Experience 9.5 HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. | 5.0 |
| 2021-02-02 | CVE-2020-14221 | Information Exposure vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users. | 4.0 |
| 2020-10-01 | CVE-2020-14223 | Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site scripting (XSS). | 4.3 |