425 matches found
CVE-2019-4325
"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."...
Unspecified Vulnerability in HCL AppScan Enterprise advisory API
HCL AppScan Enterprise is a suite of dynamic analysis and testing tools from HCL India, which is primarily used for web security testing. A security vulnerability exists in the Advisory API documentation in HCL AppScan Enterprise 10.0.0 and earlier versions. The vulnerability can be exploited by ...
HCL AppScan Cross-Site Scripting Vulnerability
HCL AppScan is a suite of dynamic analysis testing tools from HCL India, which is primarily used for web security testing. A cross-site scripting vulnerability exists in HCL AppScan Enterprise Edition version 10.0.0 and earlier. The vulnerability stems from the lack of proper validation of...
CVE-2019-4324
"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."...
CVE-2019-4324
"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."...
CVE-2019-4323
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."...
CVE-2019-4323
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."...
Spoofing
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."...
Cross site scripting
"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."...
CVE-2019-4323
CVE-2019-4323 concerns HCL AppScan Enterprise’s advisory API documentation being vulnerable to clickjacking. The CNVD entry specifies that AppScan Enterprise 10.0.0 and earlier versions are affected and that an attacker could inject content from untrustworthy pages by framing the advisory API doc...
CVE-2019-4323
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."...
CVE-2019-4324
The provided connected documents confirm CVE-2019-4324 affects HCL AppScan Enterprise and describe it as a Cross-Site Scripting vulnerability that occurs when importing a specially crafted test policy. The exact root cause, affected versions/products beyond “HCL AppScan Enterprise,” and practical...
CVE-2019-4324
"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."...
HCL Technologies AppScan Enterprise Trust Management Issue Vulnerability
HCL Technologies AppScan is a suite of dynamic analysis testing tools from HCL Technologies, India, which is primarily used for web security testing. A security vulnerability exists in HCL Technologies AppScan Enterprise 9.0.3.14 and earlier versions, which stems from the product's use of...
CVE-2019-4327
"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."...
CVE-2019-4327
"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."...
Hardcoded credentials
"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."...
CVE-2019-4327
CVE-2019-4327 affects HCL AppScan Enterprise. The connected CNVD entry specifies the vulnerability exists in AppScan Enterprise versions 9.0.3.14 and earlier, arising from the use of hard-coded credentials. As a result, an attacker could gain unauthorized access to the application's encrypted fil...
CVE-2019-4327
"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."...
Unspecified Vulnerability in HCL Technologies AppScan Standard Edition
HCL Technologies AppScan Standard Edition is a suite of dynamic analysis testing tools from HCL Technologies, India, which is primarily used for web security testing. HCL Technologies AppScan Standard Edition suffers from an unspecified vulnerability that stems from an incorrect account lockout...