Lucene search
+L

7 matches found

Positive Technologies
Positive Technologies
added 2025/04/30 12:0 a.m.5 views

PT-2025-18336 · Hcl · Hcl Leap

Name of the Vulnerable Software and Affected Versions: HCL Leap affected versions not specified Description: The issue is related to an insufficient sanitization policy, which allows client-side script injection in the deployed application. This can be achieved through the HTML widget...

6.3CVSS6.1AI score0.00196EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/04/26 5:28 p.m.13 views

CVE-2024-30147

Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications...

6.5CVSS7.2AI score0.00229EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/24 8:37 p.m.8 views

CVE-2022-44760 HCL Leap is affected by an unrestricted upload of file with dangerous type vulnerability

Unsafe default file type filter policy in HCL Leap allows execution of unsafe JavaScript in deployed applications...

4.6CVSS7.3AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2025/04/24 8:37 p.m.57 views

CVE-2022-44760

CVE-2022-44760 concerns HCL Leap where an unsafe default file type filter policy in Leap permits execution of unsafe JavaScript in deployed applications. The root cause listed is the default file type filtering policy, leading to potential unsafe script execution. Documented impacts indicate unsa...

4.6CVSS4.9AI score0.00242EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/24 8:37 p.m.10 views

CVE-2023-37516 HCL Leap is affected by missing "no cache" headers

Missing "no cache" headers in HCL Leap permits user directory information to be cached...

3.2CVSS6.8AI score0.00138EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/24 4:25 p.m.28 views

CVE-2023-45720 HCL Leap is affected by a disclosure of private personal information vulnerability

Insufficient default configuration in HCL Leap allows anonymous access to directory information...

5.3CVSS0.00274EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/24 4:23 p.m.11 views

CVE-2024-30113 HCL Leap is affected by a cross-site scripting (XSS) vulnerability

Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget...

6.3CVSS7.4AI score0.00265EPSS
Exploits0References1
Rows per page
Query Builder