Vulnerabilities > Hcltech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-03 | CVE-2023-37499 | Cross-site Scripting vulnerability in Hcltech Unica A Persistent Cross-site Scripting (XSS) vulnerability can be carried out in a certain field of the Unica Platform. | 6.1 |
| 2023-08-03 | CVE-2023-37500 | Cross-site Scripting vulnerability in Hcltech Unica A Persistent Cross-site Scripting (XSS) vulnerability can be carried out on certain pages of Unica Platform. | 6.1 |
| 2023-08-01 | CVE-2023-37496 | Cross-site Scripting vulnerability in Hcltech Verse HCL Verse is susceptible to a Stored Cross Site Scripting (XSS) vulnerability. | 5.4 |
| 2023-07-27 | CVE-2023-28012 | Command Injection vulnerability in Hcltech Bigfix Mobile 3.0 HCL BigFix Mobile is vulnerable to a command injection attack. | 8.8 |
| 2023-07-27 | CVE-2023-28014 | Cross-site Scripting vulnerability in Hcltech Bigfix Mobile 3.0 HCL BigFix Mobile is vulnerable to a cross-site scripting attack. | 5.4 |
| 2023-07-26 | CVE-2023-28013 | Cross-site Scripting vulnerability in Hcltech Verse HCL Verse is susceptible to a Reflected Cross Site Scripting (XSS) vulnerability. | 6.1 |
| 2023-07-18 | CVE-2023-28023 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Bigfix Webui 14/20/44 A cross site request forgery vulnerability in the BigFix WebUI Software Distribution interface site version 44 and before allows an NMO attacker to access files on server side systems (server machine and all the ones in its network). | 6.5 |
| 2023-07-18 | CVE-2023-28020 | Open Redirect vulnerability in Hcltech Bigfix Webui URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header. | 6.1 |
| 2023-07-18 | CVE-2023-28021 | Inadequate Encryption Strength vulnerability in Hcltech Bigfix Webui The BigFix WebUI uses weak cipher suites. | 7.5 |
| 2023-07-18 | CVE-2023-28019 | SQL Injection vulnerability in Hcltech Bigfix Webui Insufficient validation in Bigfix WebUI API App site version < 14 allows an authenticated WebUI user to issue SQL queries via an unparameterized SQL query. | 8.8 |