CVE-2023-37528

Sažetak

A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attack to exploit an application parameter during execution of the Save Report.

Reference

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209

CVSS

Base:	6.5
Impact:	4.7
Exploitability:	1.3

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	LOW	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N

Zadnje važnije ažuriranje

03-06-2025 - 19:15

Objavljeno

03-02-2024 - 06:15