Vulnerabilities > Hcltech > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-11 | CVE-2023-37538 | Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 HCL Digital Experience is susceptible to cross site scripting (XSS). | 6.1 |
| 2023-10-11 | CVE-2022-44758 | Insufficiently Protected Credentials vulnerability in Hcltech Bigfix Insights for vulnerability Remediation 2.0/2.0.2 BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. | 5.3 |
| 2023-10-11 | CVE-2022-42451 | Insufficiently Protected Credentials vulnerability in Hcltech Bigfix Patch Management 1054 Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user. | 4.4 |
| 2023-09-08 | CVE-2023-28010 | Unspecified vulnerability in Hcltech Domino 12.0.2 In some configuration scenarios, the Domino server host name can be exposed. | 5.3 |
| 2023-08-11 | CVE-2023-37511 | Unspecified vulnerability in Hcltech Traveler to DO If certain App Transport Security (ATS) settings are set in a certain manner, insecure loading of web content can be achieved. | 4.3 |
| 2023-08-11 | CVE-2023-37512 | Unspecified vulnerability in Hcltech Traveler Companion When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information. | 5.5 |
| 2023-08-11 | CVE-2023-37513 | Unspecified vulnerability in Hcltech Traveler to DO When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information. | 5.5 |
| 2023-08-03 | CVE-2023-37501 | Cross-site Scripting vulnerability in Hcltech Unica A Persistent XSS vulnerability can be carried out in a certain field of Unica Campaign. | 6.1 |
| 2023-08-03 | CVE-2023-37499 | Cross-site Scripting vulnerability in Hcltech Unica A Persistent Cross-site Scripting (XSS) vulnerability can be carried out in a certain field of the Unica Platform. | 6.1 |
| 2023-08-03 | CVE-2023-37500 | Cross-site Scripting vulnerability in Hcltech Unica A Persistent Cross-site Scripting (XSS) vulnerability can be carried out on certain pages of Unica Platform. | 6.1 |