Vulnerabilities > Hcltech > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-11 | CVE-2023-37513 | Unspecified vulnerability in Hcltech Traveler to DO When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information. | 5.5 |
| 2023-08-03 | CVE-2023-37501 | Cross-site Scripting vulnerability in Hcltech Unica A Persistent XSS vulnerability can be carried out in a certain field of Unica Campaign. | 6.1 |
| 2023-08-03 | CVE-2023-37499 | Cross-site Scripting vulnerability in Hcltech Unica A Persistent Cross-site Scripting (XSS) vulnerability can be carried out in a certain field of the Unica Platform. | 6.1 |
| 2023-08-03 | CVE-2023-37500 | Cross-site Scripting vulnerability in Hcltech Unica A Persistent Cross-site Scripting (XSS) vulnerability can be carried out on certain pages of Unica Platform. | 6.1 |
| 2023-08-01 | CVE-2023-37496 | Cross-site Scripting vulnerability in Hcltech Verse HCL Verse is susceptible to a Stored Cross Site Scripting (XSS) vulnerability. | 5.4 |
| 2023-07-27 | CVE-2023-28014 | Cross-site Scripting vulnerability in Hcltech Bigfix Mobile 3.0 HCL BigFix Mobile is vulnerable to a cross-site scripting attack. | 5.4 |
| 2023-07-26 | CVE-2023-28013 | Cross-site Scripting vulnerability in Hcltech Verse HCL Verse is susceptible to a Reflected Cross Site Scripting (XSS) vulnerability. | 6.1 |
| 2023-07-18 | CVE-2023-28023 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Bigfix Webui 14/20/44 A cross site request forgery vulnerability in the BigFix WebUI Software Distribution interface site version 44 and before allows an NMO attacker to access files on server side systems (server machine and all the ones in its network). | 6.5 |
| 2023-07-18 | CVE-2023-28020 | Open Redirect vulnerability in Hcltech Bigfix Webui URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header. | 6.1 |
| 2023-06-23 | CVE-2023-23344 | Incorrect Default Permissions vulnerability in Hcltech Bigfix Webui Insights 14 A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page. | 6.5 |