Vulnerabilities > Hcltech > Unica > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-03 | CVE-2023-37497 | XXE vulnerability in Hcltech Unica The Unica application exposes an API which accepts arbitrary XML input. | 8.8 |
| 2023-08-03 | CVE-2023-37498 | Unspecified vulnerability in Hcltech Unica A user is capable of assigning him/herself to arbitrary groups by reusing a POST request issued by an administrator. | 8.8 |
| 2022-05-12 | CVE-2021-27777 | XXE vulnerability in Hcltech Unica XML External Entity (XXE) injection vulnerabilities occur when poorly configured XML parsers process user supplied input without sufficient validation. | 7.5 |