CVE-2023-28009 – HCL Workload Automation is vulnerable to XML External Entity (XXE) Injection
https://notcve.org/view.php?id=CVE-2023-28009
HCL Workload Automation is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0104371 • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2023-28008 – HCL Workload Automation is vulnerable to XML External Entity (XXE) Injection
https://notcve.org/view.php?id=CVE-2023-28008
HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0104371 • CWE-611: Improper Restriction of XML External Entity Reference •