Page 2 of 7 results (0.003 seconds)

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-45707 – HCL Connections Docs is vulnerable to Cross-Site Scripting (XSS)

https://notcve.org/view.php?id=CVE-2023-45707

HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch additional attacks. HCL Connections Docs es vulnerable a un ataque de Cross-Site Scripting donde un atacante puede aprovechar este problema para ejecutar código arbitrario. Esto puede provocar la divulgación de credenciales y posiblemente lanzar ataques adicionales. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108427 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-23584 – HCL BigFix Asset Discovery is affected by a security vulnerability

https://notcve.org/view.php?id=CVE-2024-23584

The NMAP Importer service​ may expose data store credentials to authorized users of the Windows Registry. El servicio NMAP Importer puede exponer las credenciales del almacén de datos a usuarios autorizados del Registro de Windows. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112264 •