Missing or insecure tags in the HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower could allow an attacker to execute a malicious script on the user's...
9.8CVSS
9.3AI Score
0.001EPSS
HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower has missing or insecure tags that could allow an attacker to execute a malicious script on the user's...
9.8CVSS
9.4AI Score
0.001EPSS
HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower can sometimes include sensitive information in a query string which could allow an attacker to execute a malicious...
5.3CVSS
5.3AI Score
0.0005EPSS
Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to supply invalid input to cause the OSD Bare Metal Server to perform a redirect to an attacker-controlled...
6.1CVSS
6.3AI Score
0.0005EPSS
The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently...
7.8CVSS
7.5AI Score
0.0004EPSS
A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to use transparent or opaque layers to trick a user into clicking on a button or link on another page to perform a redirect to an attacker-controlled...
6.1CVSS
6.2AI Score
0.0005EPSS