3 matches found
CVE-2024-30149
CVE-2024-30149 affects HCL AppScan Source versions 10.6.0 and earlier. The root cause is improper validation of a TLS/SSL certificate for an executable. Public sources consistently state the issue in the AppScan Source
CVE-2019-16188
CVE-2019-16188 affects HCL AppScan Source prior to version 9.03.13. It allows XML External Entity (XXE) attacks via a specially crafted .ozasmt file: if the victim opens or imports the file, the attacker can read local files accessible to the victim and exfiltrate content to a remote list...
CVE-2019-4388
CVE-2019-4388 affects HCL AppScan Source (≤ 9.0.3.13). The vulnerability is described as cross-site scripting (XSS) in the Web UI, allowing embedding of arbitrary JavaScript. Several connected records corroborate an XSS issue stemming from insufficient validation of client-side data. The exact te...