A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attack to exploit an application parameter during execution of the Save Report.
References
Link | Resource |
---|---|
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209 | Vendor Advisory |
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:11
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
References | () https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209 - Vendor Advisory |
12 Feb 2024, 16:55
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
CPE | cpe:2.3:a:hcltech:bigfix_platform:11.0.0:*:*:*:*:*:*:* cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:* |
|
References | () https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209 - Vendor Advisory | |
CWE | CWE-79 | |
First Time |
Hcltech
Hcltech bigfix Platform |
03 Feb 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-03 06:15
Updated : 2024-11-21 08:11
NVD link : CVE-2023-37528
Mitre link : CVE-2023-37528
CVE.ORG link : CVE-2023-37528
JSON object : View
Products Affected
hcltech
- bigfix_platform
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')