CVE-2023-37496
- EPSS 0.18%
- Veröffentlicht 01.08.2023 01:15:10
- Zuletzt bearbeitet 21.11.2024 08:11:49
HCL Verse is susceptible to a Stored Cross Site Scripting (XSS) vulnerability. An attacker could execute script in a victim's web browser to perform operations as the victim and/or steal the victim's cookies, session tokens, or other sensitive infor...
CVE-2023-28013
- EPSS 0.1%
- Veröffentlicht 26.07.2023 23:15:09
- Zuletzt bearbeitet 21.11.2024 07:53:55
HCL Verse is susceptible to a Reflected Cross Site Scripting (XSS) vulnerability. By tricking a user into entering crafted markup a remote, unauthenticated attacker could execute script in a victim's web browser to perform operations as the victim a...
CVE-2021-27788
- EPSS 0.09%
- Veröffentlicht 10.03.2023 21:15:10
- Zuletzt bearbeitet 27.02.2025 21:15:13
HCL Verse is susceptible to a Cross Site Scripting (XSS) vulnerability. By tricking a user into clicking a crafted URL, a remote unauthenticated attacker could execute script in a victim's web browser to perform operations as the victim and/or steal...
CVE-2020-4099
- EPSS 0.1%
- Veröffentlicht 01.11.2022 18:15:10
- Zuletzt bearbeitet 21.11.2024 05:32:17
The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app.
CVE-2021-27768
- EPSS 0.09%
- Veröffentlicht 12.05.2022 22:15:11
- Zuletzt bearbeitet 21.11.2024 05:58:31
Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was intercepted us...