Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown

CVE-2022-38662

Disclosure Date: December 19, 2022 (last updated November 08, 2023)
 In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-27774

Disclosure Date: September 13, 2022 (last updated February 24, 2025)
User input included in error response, which could be used in a phishing attack.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-14222

Disclosure Date: November 05, 2020 (last updated February 22, 2025)
HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site).
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-4101

Disclosure Date: June 11, 2020 (last updated February 21, 2025)
"HCL Digital Experience is susceptible to Server Side Request Forgery."
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0