Hardcoded credentials

"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."...

CVE-2019-4327

"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."...

CVE-2019-4393

HCL AppScan Standard is vulnerable to excessive authorization attempts...

CVE-2019-4391

HCL AppScan Standard is vulnerable to XML External Entity Injection XXE attack when processing XML data...

CVE-2019-4393

HCL AppScan Standard is vulnerable to excessive authorization attempts...

CVE-2019-4391

HCL AppScan Standard is vulnerable to XML External Entity Injection XXE attack when processing XML data...

Xxe

HCL AppScan Standard is vulnerable to XML External Entity Injection XXE attack when processing XML data...

Authorization

HCL AppScan Standard is vulnerable to excessive authorization attempts...

CVE-2019-4393

HCL AppScan Standard is vulnerable to excessive authorization attempts...

CVE-2019-4391

HCL AppScan Standard is vulnerable to XML External Entity Injection XXE attack when processing XML data...

CVE-2019-4392

HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system...

Hardcoded credentials

HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system...

CVE-2019-4392

HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system...

CVE-2019-4388

HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting XSS attacks by allowing users to embed arbitrary JavaScript code in the Web UI...

CVE-2019-4388

HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting XSS attacks by allowing users to embed arbitrary JavaScript code in the Web UI...

Cross site scripting

HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting XSS attacks by allowing users to embed arbitrary JavaScript code in the Web UI...

HCL AppScan Source Code Issue Vulnerability

HCL AppScan Source is a suite of dynamic analysis and testing tools from HCL India, which is mainly used for web security testing. A code issue vulnerability exists in HCL AppScan Source versions prior to 9.03.13. The vulnerability stems from an improperly designed or implemented code development...

CVE-2019-16188

HCL AppScan Source before 9.03.13 is susceptible to XML External Entity XXE attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in AppScan Source, the conte...

CVE-2019-16188

HCL AppScan Source before 9.03.13 is susceptible to XML External Entity XXE attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in AppScan Source, the conte...

Xxe

HCL AppScan Source before 9.03.13 is susceptible to XML External Entity XXE attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in AppScan Source, the conte...