HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or other impacts.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-04-25
HCL SX does not set the secure attribute on authorization tokens or session cookies. Attackers may potentially be able to obtain access to the cookie values via a Cross-Site-Forgery-Request (CSRF).
CVSS Score
5.5
EPSS Score
0.0
Published
2025-03-26
HCL SX is vulnerable to cross-site request forgery vulnerability which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-03-03