Marketing Campaign Security Vulnerabilities

CVE-2019-4090

"HCL Campaign is vulnerable to cross-site scripting when a user provides XSS scripts in Campaign Description field."

CVE-2019-4091

"HCL Marketing Platform is vulnerable to cross-site scripting during addition of new users and also while searching for users in Dashboard, potentially giving an attacker ability to inject malicious code into the system. "