hcltech digital_experience の CVE（8 件）

CVE 件数: 8 CPE versions: View versions table

概要

本ページは hcltech digital_experience に影響する公開済み CVE（NVD の CPE 経由で関連付け）を列挙します。各行に深刻度指標・概要・公開日が含まれます。

CVE	概要	ソース	CVSS 最大値	EPSS（%）	公開	更新
CVE-2025-62326	HCL Digital Experience is susceptible to stored cross-site scripting (XSS) in the administrative user interface which would require elevated privileges to exploit.	[email protected]	6.1	0.03%	2026-02-20	2026-02-24
CVE-2025-31988	HCL Digital Experience is susceptible to cross site scripting (XSS) in an administrative UI with restricted access.	[email protected]	4.9	0.02%	2025-08-19	2025-08-21
CVE-2023-37538	HCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site).	[email protected]	9.3	0.24%	2023-10-11	2024-11-21
CVE-2022-38653	In HCL Digital Experience, customized XSS payload can be constructed such that it is served in the application unencoded.	[email protected]	2.0	0.42%	2022-12-19	2025-04-18
CVE-2020-4081	In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable to cross-site scripting (XSS).	[email protected]	6.1	0.36%	2021-02-02	2024-11-21
CVE-2020-14255	HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. These affect containers only. These do not affect traditional on-premise installations.	[email protected]	7.5	0.32%	2021-02-02	2024-11-21
CVE-2020-14221	HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users.	[email protected]	4.9	0.34%	2021-02-02	2024-11-21
CVE-2020-14223	HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site scripting (XSS). The vulnerability could be employed in a reflected or non-persistent XSS attack.	[email protected]	6.1	0.36%	2020-10-01	2024-11-21

cvelogic Threat Intelligence