Vulnerabilities > Hcltech > Unica
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-03 | CVE-2023-37501 | Cross-site Scripting vulnerability in Hcltech Unica A Persistent XSS vulnerability can be carried out in a certain field of Unica Campaign. | 6.1 |
| 2023-08-03 | CVE-2023-37497 | XXE vulnerability in Hcltech Unica The Unica application exposes an API which accepts arbitrary XML input. | 8.8 |
| 2023-08-03 | CVE-2023-37498 | Unspecified vulnerability in Hcltech Unica A user is capable of assigning him/herself to arbitrary groups by reusing a POST request issued by an administrator. | 8.8 |
| 2023-08-03 | CVE-2023-37499 | Cross-site Scripting vulnerability in Hcltech Unica A Persistent Cross-site Scripting (XSS) vulnerability can be carried out in a certain field of the Unica Platform. | 6.1 |
| 2023-08-03 | CVE-2023-37500 | Cross-site Scripting vulnerability in Hcltech Unica A Persistent Cross-site Scripting (XSS) vulnerability can be carried out on certain pages of Unica Platform. | 6.1 |
| 2022-05-12 | CVE-2021-27777 | XXE vulnerability in Hcltech Unica XML External Entity (XXE) injection vulnerabilities occur when poorly configured XML parsers process user supplied input without sufficient validation. | 7.5 |