109 matches found
CVE-2025-31988 HCL Digital Experience is susceptible to cross site scripting (XSS)
HCL Digital Experience is susceptible to cross site scripting XSS in an administrative UI with restricted access...
CVE-2025-31988
CVE-2025-31988 affects HCL Digital Experience. It is described as a cross-site scripting (XSS) vulnerability in an administrative UI with restricted access. Publiced technical details in connected sources show CVSS 3.1 with a Network attack vector, Low attack complexity, Privileges Required: High...
PT-2025-33823 · Hcl · Hcl Digital Experience
Name of the Vulnerable Software and Affected Versions: HCL Digital Experience affected versions not specified Description: HCL Digital Experience is susceptible to cross-site scripting XSS within an administrative user interface that has restricted access. Recommendations: At the moment, there is...
HCL Digital Experience 安全漏洞
HCL Digital Experience is a suite of digital experience platforms, content delivery solutions from HCL India. A security vulnerability exists in HCL Digital Experience that stems from the restricted access administrative interface being susceptible to cross-site scripting attacks...
CVE-2020-14222
HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting XSS. One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism email, other web site...
CVE-2020-14255
HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. These affect containers only. These do not affect traditional on-premise installations...
CVE-2020-14221
HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users...
CVE-2020-14223
HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site scripting XSS. The vulnerability could be employed in a reflected or non-persistent XSS attack...
CVE-2020-4101
"HCL Digital Experience is susceptible to Server Side Request Forgery."...
CVE-2025-0254
HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle MitM attacks prior to 9.5 CF226. An attacker could intercept and potentially alter communication between two parties...
CVE-2025-0254
HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle MitM attacks prior to 9.5 CF226. An attacker could intercept and potentially alter communication between two parties...
CVE-2025-0254 HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226.
HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle MitM attacks prior to 9.5 CF226. An attacker could intercept and potentially alter communication between two parties...
CVE-2025-0254
CVE-2025-0254 affects HCL Digital Experience components Ring API and dxclient. The vulnerability enables man-in-the-middle (MitM) attacks that could allow an attacker to intercept and potentially alter communications between two parties. Affected versions are prior to 9.5 CF226. The available doc...
CVE-2025-0254 HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226.
HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle MitM attacks prior to 9.5 CF226. An attacker could intercept and potentially alter communication between two parties...
HCL Digital Experience 安全漏洞
HCL Digital Experience is a suite of digital experience platforms, content delivery solutions from HCL India. A security vulnerability exists in HCL Digital Experience versions prior to 9.5 CF226, which stems from a possible man-in-the-middle attack that could lead to interception and tampering o...
CVE-2023-37538
HCL Digital Experience is susceptible to cross site scripting XSS. One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism email, other web site...
CVE-2023-37538
HCL Digital Experience is susceptible to cross site scripting XSS. One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism email, other web site...
Cross site scripting
HCL Digital Experience is susceptible to cross site scripting XSS. One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism email, other web site...
CVE-2023-37538 HCL Digital Experience is susceptible to cross site scripting (XSS)
HCL Digital Experience is susceptible to cross site scripting XSS. One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism email, other web site...
CVE-2023-37538 HCL Digital Experience is susceptible to cross site scripting (XSS)
HCL Digital Experience is susceptible to cross site scripting XSS. One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism email, other web site...