An injection vulnerability affects HCL Digital Experience
CVE-2021-27774

3.1LOW

Key Information:

Vendor: HCL Software Software
Status: HCL Software Digital Experience
Vendor: CVE Published:; 22 September 2022

🔔 Create HCL Software Software Vulnerability Alert

What is CVE-2021-27774?

User input included in error response, which could be used in a phishing attack.

Affected Version(s)

HCL Digital Experience 8.5, 9.0, 9.5

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

x_refsource_MISC

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 22, 2022
Vulnerability Reserved
Feb 26, 2021

.