6 matches found
CVE-2023-37526
HCL DRYiCE Lucy now AEX is affected by a Cross Origin Resource Sharing CORS vulnerability. The mobile app is vulnerable to a CORS misconfiguration which could potentially allow unauthorized access to the application resources from any web domain and enable cache poisoning attacks...
HCL DRYiCE Lucy 安全漏洞
HCL Technologies HCL DRYiCE Lucy is an AI-powered virtual assistant from HCL Technologies, USA. A security vulnerability exists in HCL DRYiCE Lucy that stems from vulnerability to CORS misconfiguration...
CVE-2023-37526 HCL DRYiCE Lucy v9 (now AEX) is affected by a Cross Origin Resource Sharing (CORS) Vulnerability
HCL DRYiCE Lucy now AEX is affected by a Cross Origin Resource Sharing CORS vulnerability. The mobile app is vulnerable to a CORS misconfiguration which could potentially allow unauthorized access to the application resources from any web domain and enable cache poisoning attacks...
CVE-2023-37526 HCL DRYiCE Lucy v9 (now AEX) is affected by a Cross Origin Resource Sharing (CORS) Vulnerability
HCL DRYiCE Lucy now AEX is affected by a Cross Origin Resource Sharing CORS vulnerability. The mobile app is vulnerable to a CORS misconfiguration which could potentially allow unauthorized access to the application resources from any web domain and enable cache poisoning attacks...
CVE-2023-37526
The CVE-2023-37526 entry concerns HCL DRYiCE Lucy (now AEX). A CORS misconfiguration in the mobile app could allow unauthorized access to application resources from any web domain and enable cache poisoning, per sources in NVD/CVE records. The root cause is a CORS misconfiguration in the app, wit...
PT-2024-12630 · Hcl · Hcl Dryice Lucy
Name of the Vulnerable Software and Affected Versions: HCL DRYiCE Lucy now AEX affected versions not specified Description: The issue is related to a Cross Origin Resource Sharing CORS misconfiguration in the mobile app, which could allow unauthorized access to application resources from any web...