cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-37496,https://securityvulnerability.io/vulnerability/CVE-2023-37496,HCL Verse is susceptible to a Stored Cross-Site Scripting (XSS) Vulnerability,"HCL Verse contains a Stored Cross Site Scripting (XSS) vulnerability that could potentially allow an attacker to inject malicious scripts into the web application. Once executed in a victim's browser, this can enable unauthorized actions or lead to the theft of sensitive data including cookies and session tokens. Proper security measures and timely updates are essential to mitigate these risks and protect user information.",Hcl Software,Hcl Verse,8.3,HIGH,0.0005300000193528831,false,false,false,false,,false,false,2023-08-01T01:15:00.000Z,0
CVE-2023-28013,https://securityvulnerability.io/vulnerability/CVE-2023-28013,HCL Verse is susceptible to a Reflected Cross-Site Scripting (XSS) Vulnerability,"HCL Verse is susceptible to a Reflected Cross Site Scripting (XSS) vulnerability.  By tricking a user into entering crafted markup a remote, unauthenticated attacker could execute script in a victim's web browser to perform operations as the victim and/or steal the victim's cookies, session tokens, or other sensitive information.
",Hcl Software,Hcl Verse,6.5,MEDIUM,0.001290000043809414,false,false,false,false,,false,false,2023-07-26T23:15:00.000Z,0
CVE-2020-4099,https://securityvulnerability.io/vulnerability/CVE-2020-4099,HCL Verse for Android is susceptible to an APK signing key check vulnerability,"The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the app after maliciously modifying the app.",Hcl Software,Hcl Verse For Android,5.9,MEDIUM,0.0007300000288523734,false,false,false,false,,false,false,2022-11-01T18:15:00.000Z,0
CVE-2020-4080,https://securityvulnerability.io/vulnerability/CVE-2020-4080,,HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. An unauthenticated remote attacker could exploit this vulnerability using specially-crafted markup to execute script in a victim's web browser within the security context of the hosting Web site and/or steal the victim's cookie-based authentication credentials.,HCL Software,Hcl Verse,6.1,MEDIUM,0.001509999972768128,false,false,false,false,,false,false,2020-12-18T21:14:49.000Z,0
CVE-2020-4100,https://securityvulnerability.io/vulnerability/CVE-2020-4100,,"""HCL Verse for Android was found to employ dynamic code loading. This mechanism allows a developer to specify which components of the application should not be loaded by default when the application is started. Typically, core components and additional dependencies are loaded natively at runtime; however, dynamically loaded components are only loaded as they are specifically requested. While this can have a positive impact on performance, or grant additional functionality (for example, a non-invasive update feature), it can also open the application to loading unintended code if not implemented properly.""",HCL Software,"""hcl Verse For Android""",4.4,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2020-07-15T12:31:11.000Z,0