Описание
HCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site).
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:hcltech:digital_experience:8.5:*:*:*:*:*:*:*
cpe:2.3:a:hcltech:digital_experience:9.0:*:*:*:*:*:*:*
cpe:2.3:a:hcltech:digital_experience:9.5:*:*:*:*:*:*:*
EPSS
Процентиль: 45%
0.00226
Низкий
9.3 Critical
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 9.3
github
больше 2 лет назад
HCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site).
EPSS
Процентиль: 45%
0.00226
Низкий
9.3 Critical
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79