6.1
CVE-2022-38662
- EPSS 0.19%
- Veröffentlicht 19.12.2022 11:15:10
- Zuletzt bearbeitet 18.04.2025 16:15:20
- Quelle psirt@hcl.com
- CVE-Watchlists
- Unerledigt
LoginHCL Digital Experience is susceptible to open redirects
In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hcltech ≫ Hcl Digital Experience Version8.5
Hcltech ≫ Hcl Digital Experience Version9.0
Hcltech ≫ Hcl Digital Experience Version9.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.412 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.1 | 2.8 | 2.7 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
| psirt@hcl.com | 6.1 | 2.8 | 2.7 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.