Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed...
4.8CVSS
6.1AI Score
0.0004EPSS
HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI...
8.8CVSS
9AI Score
0.0005EPSS
HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the...
5.4CVSS
5.2AI Score
0.0004EPSS
The Master operator may be able to embed script tag in HTML with alert pop-up display...
4.8CVSS
5AI Score
0.001EPSS
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device...
5.3CVSS
5.4AI Score
0.001EPSS
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information...
6.5CVSS
6.4AI Score
0.001EPSS