CVE-2019-4388

HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting (XSS) attacks by allowing users to embed arbitrary JavaScript code in the Web UI.
Configurations

Configuration 1 (hide)

cpe:2.3:a:hcltech:appscan_source:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:43

Type Values Removed Values Added
References () https://hclpnpsupport.hcltech.com/csm?id=kb_article&sysparm_article=KB0074364 - Third Party Advisory () https://hclpnpsupport.hcltech.com/csm?id=kb_article&sysparm_article=KB0074364 - Third Party Advisory

Information

Published : 2019-12-18 13:15

Updated : 2024-11-21 04:43


NVD link : CVE-2019-4388

Mitre link : CVE-2019-4388

CVE.ORG link : CVE-2019-4388


JSON object : View

Products Affected

hcltech

  • appscan_source
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')