XSS Vulnerability in HCL Aftermarket EPC Software
CVE-2024-23569
4.3MEDIUM
What is CVE-2024-23569?
HCL Aftermarket EPC is exposed to security threats due to the absence of the 'X-XSS-Protection' header in its server configuration. This vulnerability can allow an attacker to execute malicious scripts in the context of the user's session, potentially leading to data theft and manipulation. Implementing proper security headers is crucial to mitigate such risks and safeguard user data.
Affected Version(s)
Aftermarket EPC version 1.0.0
