CVE-2023-37538
HCL Digital Experience is susceptible to cross site scripting (XSS)
HCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site).
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Affected products
HCL Software · Digital ExperienceWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →