Lucene search
K
HcltechDigital Experience

11 matches found

CVE
CVE
added 2022/12/15 8:56 p.m.63 views

CVE-2022-38653

HCL Digital Experience is reported vulnerable to a cross-site scripting (XSS) issue where a customized payload can be served unencoded in the application. The CVE-2022-38653 entry lists a CVSS v3.1 base score of 5.4 (MEDIUM) with NETWORK attack vector, LOW impact on confidentiality/integrity and ...

5.4CVSS4.4AI score0.00293EPSS
CVE
CVE
added 2023/10/11 12:53 p.m.56 views

CVE-2023-37538

HCL Digital Experience is affected by a reflected XSS vulnerability in one subcomponent. The issue requires a user to click a crafted URL conveyed via email or another web delivery method, enabling an attacker to perform cross-site scripting. The Connected documents do not provide explicit affect...

9.3CVSS6.6AI score0.00359EPSS
CVE
CVE
added 2021/02/02 8:8 p.m.54 views

CVE-2020-4081

CVE-2020-4081 affects HCL Digital Experience WSRP consumer in versions 8.5, 9.0, and 9.5 and is a cross-site scripting (XSS) vulnerability. Root cause cited in CNVD-2021-09494 is lack of proper validation of client-side data in the WEB application. Documented impact is XSS with no additional expl...

6.1CVSS6AI score0.00634EPSS
CVE
CVE
added 2021/02/02 7:31 p.m.51 views

CVE-2020-14221

Technical details about CVE-2020-14221 are not publicly provided in the supplied documents. Monitor for updates.

4.9CVSS5AI score0.00842EPSS
CVE
CVE
added 2021/02/02 7:40 p.m.50 views

CVE-2020-14255

CVE-2020-14255 affects HCL Digital Experience 9.5 containers, with information disclosure of sensitive data via crafted requests. Documents consistently describe the issue as container-scoped and not impacting on-premise installations. The core vulnerability details (root cause, affected componen...

7.5CVSS7.5AI score0.01058EPSS
CVE
CVE
added 2020/10/01 7:31 p.m.46 views

CVE-2020-14223

CVE-2020-14223 affects HCL Digital Experience versions 8.5, 9.0, and 9.5. The connected documents describe a cross-site scripting (XSS) vulnerability that can be exploited via reflected or non-persistent XSS attacks. The material notes the affected product and vulnerability category, but does not...

6.1CVSS5.8AI score0.00641EPSS
CVE
CVE
added 2026/06/05 6:3 a.m.25 views

CVE-2026-21825

HCL Digital Experience Compose is affected by a reflected cross-site scripting (XSS) vulnerability in the search center. An attacker could execute arbitrary JavaScript in the victim’s browser. The CVE-2026-21825 entry lists a CVSS v3.1 base score of 6.1 (MEDIUM) with network access, low privilege...

6.1CVSS5.5AI score0.00152EPSS
CVE
CVE
added 2026/06/05 5:58 a.m.23 views

CVE-2026-21826

CVE-2026-21826 affects HCL Digital Experience and HCL Digital Experience Compose. The root cause is likely improper handling of the Host header, enabling an attacker to manipulate the Host header and cause the application to behave in unexpected ways. The CVSS 3.1 vector indicates: Network attack...

6.1CVSS5.5AI score0.00144EPSS
CVE
CVE
added 2026/06/05 5:50 a.m.23 views

CVE-2026-21837

HCL Digital Experience is affected by an OS command injection vulnerability in the Digital Asset Management API. An attacker may execute arbitrary operating system commands, typically inheriting the privileges of the vulnerable application, which could lead to a complete system takeover and data ...

8.8CVSS5.9AI score0.0092EPSS
CVE
CVE
added 2025/08/19 6:12 p.m.20 views

CVE-2025-31988

CVE-2025-31988 affects HCL Digital Experience. It is described as a cross-site scripting (XSS) vulnerability in an administrative UI with restricted access. Publiced technical details in connected sources show CVSS 3.1 with a Network attack vector, Low attack complexity, Privileges Required: High...

4.9CVSS6.1AI score0.00224EPSS
CVE
CVE
added 2026/02/20 8:1 p.m.11 views

CVE-2025-62326

HCL Digital Experience is susceptible to stored XSS in the administrative UI that requires elevated privileges to exploit. Affected component: the admin interface of HCL Digital Experience. The vulnerability is stored XSS with the attacker needing high privileges and user interaction is required ...

6.1CVSS5.1AI score0.00154EPSS