CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-37538

HCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.3%

CVSS Severity

CVSS v3 Score 9.3

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108006
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108006

Products affected by CVE-2023-37538

Hcltech » Digital Experience » Version: 8.5

cpe:2.3:a:hcltech:digital_experience:8.5
Hcltech » Digital Experience » Version: 9.0

cpe:2.3:a:hcltech:digital_experience:9.0
Hcltech » Digital Experience » Version: 9.5

cpe:2.3:a:hcltech:digital_experience:9.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37538

Products

Pricing

Contact Us