Vulnerabilities > Hcltech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-05 | CVE-2020-14222 | Cross-site Scripting vulnerability in Hcltech HCL Digital Experience 8.5/9.0/9.5 HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). | 6.1 |
| 2020-10-06 | CVE-2019-4326 | Improper Encoding or Escaping of Output vulnerability in Hcltech Appscan 10.0.0/9.0.3.14 "HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header." | 7.5 |
| 2020-10-06 | CVE-2019-4325 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech Appscan 10.0.0/10.0.1/9.0.3.14 "HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details." | 5.3 |
| 2020-10-01 | CVE-2020-14223 | Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site scripting (XSS). | 6.1 |
| 2020-07-17 | CVE-2020-4104 | Cross-site Scripting vulnerability in Hcltech Bigfix Webui HCL BigFix WebUI is vulnerable to stored cross-site scripting (XSS) within the Apps->Software module. | 5.4 |
| 2020-07-17 | CVE-2019-4091 | Cross-site Scripting vulnerability in Hcltech Marketing Campaign "HCL Marketing Platform is vulnerable to cross-site scripting during addition of new users and also while searching for users in Dashboard, potentially giving an attacker ability to inject malicious code into the system. | 5.4 |
| 2020-07-17 | CVE-2019-4090 | Cross-site Scripting vulnerability in Hcltech Marketing Campaign 10.1.0/11.0.1/11.1.0 "HCL Campaign is vulnerable to cross-site scripting when a user provides XSS scripts in Campaign Description field." | 5.4 |
| 2020-07-16 | CVE-2020-4095 | Insufficiently Protected Credentials vulnerability in Hcltech Bigfix Platform "BigFix Platform is storing clear text credentials within the system's memory. | 6.0 |
| 2020-07-07 | CVE-2019-4324 | Cross-site Scripting vulnerability in Hcltech Appscan 10.0.0/9.0.3.14 "HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy." | 6.1 |
| 2020-07-07 | CVE-2019-4323 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hcltech Appscan 10.0.0/9.0.3.14 "HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame." | 4.3 |