Vulnerabilities > Hcltech > HCL Compass
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-19 | CVE-2023-37503 | Weak Password Requirements vulnerability in Hcltech HCL Compass HCL Compass is vulnerable to insecure password requirements. | 9.8 |
| 2023-10-19 | CVE-2023-37504 | Insufficient Session Expiration vulnerability in Hcltech HCL Compass HCL Compass is vulnerable to failure to invalidate sessions. | 6.5 |
| 2023-10-18 | CVE-2023-37502 | Unrestricted Upload of File with Dangerous Type vulnerability in Hcltech HCL Compass HCL Compass is vulnerable to lack of file upload security. | 8.8 |
| 2023-04-02 | CVE-2022-42447 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech HCL Compass HCL Compass is vulnerable to Cross-Origin Resource Sharing (CORS). | 8.8 |